Possibly Russian government -backed actors hacked several high -value mail servers around the world by exploiting the dangers of XSS, a section of a problem that was one of the most exploited in the past decades.
XSS short for cross site scripting. The result of the defects is the result of programming errors found in web server software that, when exploited, allow the attackers to implement malicious code in the browsers of the affected website. XSS first paid attention to 2005, with its creation Semi -wormWho dropped MySpace out of the commission when he added more than a million MySpace friends to a user named Sammy. The XSS exploitation has increased by the next decade and has gradually stirred it recently, even though the attacks of this class. Now continues.
Just add JavaScript
On Thursday, Security Firm East Reported This Sydnet, a Kremlin-backed hacking group also tracked APT8, Fancy Beer, Forest Blizzard, and Sophyi-exploiting XSS risks in mail server software from different makers by exploiting high-cost email accounts. Those packages are: round cubes, mdaemon, group, and Zimbra.
Hex recently targeted mail servers used by defense contractors in Bulgaria and Romania, some of which are preparing the Soviet -era weapons for use in Ukraine because it prevents attacks from Russia. Government organizations were also targeted in these countries. Other goals include governments in Africa, the European Union, and South America.
Roundpress, as East has named the operation, presented XSS works through speaking emails. The emails were an XSS hidden within some of the HTML. In 2023, ESET observed Sednit Exploit CV-2020-43770A weakness that is followed by the round cubes. A year later, East saw Sydnett in Horde, Madamon and Zimbra exploit the dangers of various XSS. One of the weaknesses emerging from Madamone now was zero day when Sydnets exploited it.