Hackers Exploiting Zimbra 0-day to Attack

Google’s Threat Analysis Group found a bug in open-source software Zimbra Collaboration, which is used by over 5,000 companies across the globe. The bug, known as CVE-2023-37580, was exploited by four different groups who stole email data, user credentials and authentication tokens. Zimbra Collaboration users must keep their software updated and promptly apply security updates to stay protected.