The eupolicy.social admin @admin

2 posts2 participants0 posts today

**Stalwart Labs** @stalwartlabs@mastodon.social · 1d

Stalwart Labs @stalwartlabs@mastodon.social

The Future of Stalwart: Curious about our Webmail plans and what's next on our roadmap? Read our latest blog for all the exciting details at https://stalw.art/blog/roadmap #Email #Webmail #AutRustAutNihil

stalw.art · 2dThe Future of Stalwart: Webmail, Roadmap, and Beyond | Stalwart LabsSince we officially started developing Stalwart on September 4th, 2021, we've come a long way in establishing a powerful and versatile open-source mail and collaboration server. The very first commit, made on October 3rd, 2021, was to the mail-parser Rust crate, a fundamental component upon which Stalwart was built. It set the tone for our relentless pursuit of secure, reliable, and performant software.

**The New Oil** @thenewoil@mastodon.thenewoil.org · 4d

The New Oil @thenewoil@mastodon.thenewoil.org

Hacker steals 1 million Cock(dot)li user records in #webmail #DataBreach

https://www.bleepingcomputer.com/news/security/hacker-steals-1-million-cockli-user-records-in-webmail-data-breach/

#email #cockli #privacy

**The New Oil** @thenewoil@mastodon.thenewoil.org · Jun 6

Jun 6

The New Oil @thenewoil@mastodon.thenewoil.org

Hacker selling critical #Roundcube #webmail exploit as tech info disclosed

https://www.bleepingcomputer.com/news/security/hacker-selling-critical-roundcube-webmail-exploit-as-tech-info-disclosed/

#cybersecurity

**nicolas** @nschont@mastodon.mim-libre.fr · Jun 3

Jun 3

nicolas @nschont@mastodon.mim-libre.fr

pour celles et ceux qui ont déployé des roundcube il va falloir faire la mise à jour rapidement

https://thehackernews.com/2025/06/critical-10-year-old-roundcube-webmail.html

#cve #messagerie #webmail

**Neustradamus :xmpp: :linux:** @neustradamus@mastodon.social · Jun 3

**Neustradamus :xmpp: :linux:** @neustradamus@mastodon.social · Jun 3

Jun 3

Neustradamus :xmpp: :linux: @neustradamus@mastodon.social

#Roundcube 1.6.11 (stable) has been released (#Webmail / #Mail / #IMAP / #SMTP / #LDAP / #Managesieve / #PHP / #MariaDB / #MySQL / #PostgreSQL / #SQLite / #OracleDB / #MSSQL) https://roundcube.net/

roundcube.netRoundcube - Free and Open Source Webmail SoftwareFree and open source webmail software for the masses, written in PHP

Replied in thread

**Benoît B.** @benoitb@framapiaf.org · Jun 3

Jun 3

Benoît B. @benoitb@framapiaf.org

@alainmi11

J'ai toujours une boîte GMail que je travaille à abandonner (dur après de nombreuses années d'utilisation), et j'ai eu la trouille.

Mais si je comprends bien, cette annonce concerne uniquement l'application mobile GMail.

Donc aucun « problème » de ce type en utilisant sporadiquement le #webmail et, la plupart du temps, l'excellent #Thunderbird (et on me dit que #FairEmail est très bien aussi — et il y a plein d'autres possibilités, par exemple : https://search.f-droid.org/?q=mail)

search.f-droid.orgF-Droid Search: mail

**DomainKollektiv** @DomainKollektiv@mas.to · May 26

May 26

DomainKollektiv @DomainKollektiv@mas.to

Die Domains "klimail.de" & "klima-mail.de" suchen ein neues, #klimafreundlich|es Zuhause. Das alte Projekt wird leider beendet, wir würden uns freuen, wenn sie anderweitig im Sinne des #Klimaschutz|es weiterentwickelt werden könnten. Die Domains können einzeln oder zusammen übernommen werden, schreibt uns einfach, was ihr damit machen möchtet.

#KlimaMail #Klimail #Klima_Mail

**Teddy / Domingo (/)** @TeddyTheBest@framapiaf.org · May 20

May 20

Teddy / Domingo (/) @TeddyTheBest@framapiaf.org

'Operation RoundPress' Targets #Ukraine in #XSS #Webmail Attacks. A cyber-espionage campaign is targeting Ukrainian government entities with a series of sophisticated spear-#phishing #attacks that exploit XSS #vulnerabilities.
https://www.darkreading.com/threat-intelligence/operation-roundpress-ukraine-xss-webmail-attacks

**OTX Bot** @techbot@social.raytec.co · May 19

May 19

OTX Bot @techbot@social.raytec.co

Operation RoundPress targeting high-value webmail servers

ESET researchers have uncovered a Russia-aligned espionage operation named RoundPress, targeting high-value webmail servers through XSS vulnerabilities. The campaign, attributed to the Sednit group, aims to steal confidential data from specific email accounts. Initially focused on Roundcube in 2023, the operation expanded to include Horde, MDaemon, and Zimbra in 2024. The attackers exploit various vulnerabilities, including a zero-day in MDaemon, to inject malicious JavaScript code into victims' webmail pages. Targets include governmental entities and defense companies in Eastern Europe, with some victims in Africa, Europe, and South America. The malware, known as SpyPress, can steal webmail credentials, exfiltrate contacts and email messages, and in some cases, bypass two-factor authentication.

Pulse ID: 6829772f15beb81385e3cc8d
Pulse Link: https://otx.alienvault.com/pulse/6829772f15beb81385e3cc8d
Pulse Author: AlienVault
Created: 2025-05-18 05:59:11

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

#Africa #CyberSecurity #ESET

**OTX Bot** @techbot@social.raytec.co · May 15

May 15

OTX Bot @techbot@social.raytec.co

Operation RoundPress targeting high-value webmail servers

Operation RoundPress is a Russia-aligned espionage campaign targeting webmail servers through XSS vulnerabilities. The attackers, believed to be the Sednit group, use spearphishing emails to exploit vulnerabilities in Roundcube, Horde, MDaemon, and Zimbra webmail software. Their goal is to steal confidential data from specific email accounts. The operation expanded its targets in 2024, using both known and zero-day vulnerabilities. Victims include government entities and defense companies, primarily in Eastern Europe. The attackers employ various JavaScript payloads (SpyPress) to steal credentials, exfiltrate contacts and emails, and in some cases bypass two-factor authentication. The campaign demonstrates the ongoing threat to organizations with outdated webmail servers.

Pulse ID: 6825f54fbfa4e17e740f0dd6
Pulse Link: https://otx.alienvault.com/pulse/6825f54fbfa4e17e740f0dd6
Pulse Author: AlienVault
Created: 2025-05-15 14:08:15

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #EasternEurope #Email