Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite
Cyber threat actors may be targeting unpatched ZCS instances in both government and private sector networks.
CISA and the MS-ISAC strongly urge users and administrators to apply the guidance in the Recommendations section of this CSA to help secure their organization's systems against malicious cyber activity.
CISA and the MS-ISAC encourage organizations who did not immediately update their ZCS instances upon patch release, or whose ZCS instances were exposed to the internet, to assume compromise and hunt for malicious activity using the third-party detection signatures in the Detection Methods section of this CSA.
Organizations that detect potential compromise should apply the steps in the Incident Response section of this CSA.
Featured Resources
Get Ready to Get MCPwned — Cymulate’s Elite CTF on Securing the Model Context Protocol
When AI agents meet the real world, every protocol becomes a potential attack vector. That’s the big idea behind MCPwned,
How a Retail Organization Became 12x Faster at Assessing Security Controls with Cymulate
Challenge This retail organization has a presence in 34 countries and over 5,800 stores. Its security team uses various controls
Ransomware Detection Techniques: A Smarter Approach to Staying Ahead of Attacks
Ransomware attacks continue to rise in both volume and sophistication, crippling organizations, exfiltrating sensitive data and costing billions annually in