> EssentialInfoSec
Home / Feb 24, 2026 / Story
0
#5 BleepingComputer general February 23, 2026 at 11:44 UTC

CISA: Recently patched RoundCube flaws now exploited in attacks

By Sergiu Gatlan

AI Summary

CISA added two recently patched RoundCube Webmail vulnerabilities to its Known Exploited Vulnerabilities catalog after detecting active exploitation in attacks, ordering federal agencies to patch within three weeks. The XSS flaws in the widely-used webmail platform affect SVG document processing capabilities.

Read full article → https://www.bleepingcomputer.com/news/security/cis…

Relevance score: 83.0/100

# More from February 24

  1. 1
    600+ FortiGate Devices Hacked by AI-Armed Amateur Dark Reading
  2. 2
    Android mental health apps with 14.7M installs filled with security flaws BleepingComputer
  3. 3
    APT28 Targeted European Entities Using Webhook-Based Macro Malware The Hacker News
  4. 4
    Iran's MuddyWater Targets Orgs With Fresh Malware as Tensions Mount Dark Reading
  5. 6
    Spitting Cash: ATM Jackpotting Attacks Surged in 2025 Dark Reading
  6. 7
    Mississippi Hospital System Closes All Clinics After Ransomware Attack SecurityWeek
  7. 8
    US Healthcare Diagnostic Firm Says 140,000 Affected by Data Breach SecurityWeek
  8. 9
    Malicious npm Packages Harvest Crypto Keys, CI Secrets, and API Tokens The Hacker News
  9. 10
    Romanian Hacker Pleads Guilty to Selling Access to US State Network SecurityWeek