Cyber Security News

Roundcube Webmail XSS Vulnerability Exposes Sensitive Data

by Esmeralda McKenzie
written by Esmeralda McKenzie
Roundcube Webmail XSS Vulnerability Exposes Sensitive Data

Roundcube Webmail XSS Vulnerability Exposes Sensitive Data

Roundcube Webmail XSS Vulnerability Exposes Aloof Files

RoundCube Webmail is a browser-essentially based, multilingual IMAP client. Its intensive feature direct comprises MIME enhance, take care of books, folder manipulation, message shopping, spell checking, and extra.

A daunting-living scripting (XSS) vulnerability tracked as CVE-2023-43770 in Roundcube has been discovered, which would possibly per chance consequence in info leakage thru malicious hyperlink references in undeniable/textual exclaim communications.

EHA

Roundcube Webmail 1.6.3 is now available. It affords a patch for a not too long ago discovered XSS vulnerability reported by Niraj Shivtarkar.

“We accurate revealed a security update to model 1.6 of Roundcube Webmail. Per the unlock notes, it presents a fix to a not too long ago reported XSS vulnerability”.

Among various aspects, Roundcube Webmail helps internationalized domains, shared folders and namespaces, and SMTP transport living notifications. Additionally, the IMAP folders’ person interface has been changed to allow extra condo for extensions and plug-ins.

Doc

FREE Demo

Deploy Evolved AI-Powered Electronic mail Safety Solution

Imposing AI-Powered Electronic mail security ideas “Trustifi” can stable your on-line industrial from in the present day’s most deadly email threats, such as Electronic mail Tracking, Blockading, Editing, Phishing, Epic Grab Over, Commercial Electronic mail Compromise, Malware & Ransomware

Changelog For Model 1.6.3

  • Fix malicious program the attach installto.sh/update.sh scripts were striking off some main ideas from the config file (#9051)
  • Replace jQuery-UI to model 1.13.2 (#9041)
  • Fix regression that broke use_secure_urls feature (#9052)
  • Fix attainable PHP fatal error when opening a message with message/rfc822 segment (#8953)
  • Fix malicious program the attach a duplicate designate in HTML email would possibly per chance reason some parts to be slash again off (#9029)</li> <li>Fix malicious program the attach an inventory of folders would possibly per chance have been sorted incorrectly (#9057)</li> <li>Fix regression the attach LDAP addressbook ‘filter’ probability changed into unnoticed (#9061)</li> <li>Fix frightening portray of a multi-folder search consequence when sorting by measurement (#9065)</li> <li>Fix so set up/update scripts construct not require PEAR (#9037)</li> <li>Fix regression the attach some mail parts would possibly per chance have been decoded incorrectly, or below no circumstances (#9096)</li> <li>Fix facing of an error case in Cyrus IMAP BINARY FETCH, fallback to non-binary FETCH (#9097)</li> <li>Fix PHP8 deprecation warning in the reconnect plugin (#9083)</li> <li>Fix “Display supply” on cell with x_frame_options = declare (#9084)</li> <li>Fix loads of PHP warnings (#9098)</li> <li>Fix deprecated exhaust of ldap_connect() in password’s ldap_simple driver (#9060)</li> <li>Fix frightening-living scripting (XSS) vulnerability in facing of linkrefs in undeniable textual exclaim messages</li> </ul> <p>The distant Debian 10 host has capabilities installed which would be tormented by this vulnerability. </p> <h2 class="wp-block-heading" id="h-fix-available"><span class="ez-toc-section" id="Fix_On_hand"></span><strong>Fix On hand</strong><span class="ez-toc-section-end"></span></h2> <p>Roundcube Webmail 1.6.3 is regarded as stable and it’s endorsed to update all productive installations of Roundcube 1.6.x with it.</p> <p>For Debian 10 buster, this wretchedness has been mounted in model 1.3.17+dfsg.1-1~deb10u3.</p> <p>Hence, it’s endorsed that you enhance your roundcube capabilities.</p> </p></div> <footer> <span class="td-page-meta" itemprop="author" itemscope itemtype="https://schema.org/Person"><meta itemprop="name" content="Guru Baran"></span><meta itemprop="datePublished" content="2023-09-25T14:32:57+00:00"><meta itemprop="dateModified" content="2023-09-25T14:32:58+00:00"><meta itemscope itemprop="mainEntityOfPage" itemtype="https://schema.org/WebPage" itemid="https://cybersecuritynews.com/roundcube-webmail-xss-vulnerability/"/><span class="td-page-meta" itemprop="publisher" itemscope itemtype="https://schema.org/Organization"><span class="td-page-meta" itemprop="logo" itemscope itemtype="https://schema.org/ImageObject"><meta itemprop="url" content="https://1.bp.blogspot.com/-vp43nx-312U/YHSCwgCvPeI/AAAAAAAAMec/Pw0rVItjYWUao52NVnvZ-4FvuUIFaycwACLcBGAsYHQ/s16000/Cyber-Security-News-2.png"></span><meta itemprop="name" content="Cyber Security News"></span><meta itemprop="headline " content="Roundcube Webmail XSS Vulnerability Exposes Sensitive Data"><span class="td-page-meta" itemprop="image" itemscope itemtype="https://schema.org/ImageObject"><meta itemprop="url" content="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhWzWYjQ_ArA8dhC3ij9yjs6FFCs_godLd1gvBT-hQq7GZjsRJIP4MHk1HAZYbK--jn1iB4h2thhEh25qNrI5kXDoSaTeu-w7soZem58QjiuQn7SmMUTkQY4go5obSf-K3r2YWMQZWBuMBjzsLDbBMIoAkeGhKvEWDCpb6l7GYukd9l7Hw_QQAKsfq99fes/s1600/Roundcube%20XSS%20flaw-1.webp"><meta itemprop="width" content="1600"><meta itemprop="height" content="900"></span> </footer> </p></div> <p>Source credit : cybersecuritynews.com</p> <!-- RatingBintangAjaib --> <div class="penci-single-link-pages"> </div> <div class="post-tags"> <a href="https://ynewsdaily.com/tag/cyber-security/" rel="tag">cyber security</a><a href="https://ynewsdaily.com/tag/cyber-security-news/" rel="tag">cyber security news</a><a href="https://ynewsdaily.com/tag/roundcube-webmail/" rel="tag">Roundcube Webmail</a><a href="https://ynewsdaily.com/tag/vulnerabilities/" rel="tag">Vulnerabilities</a> </div> </div> </div> <div class="penci-google-adsense-2"> <div id="HBai_9_Leaderboard_1" align="center"></div> </div> <div class="tags-share-box single-post-share tags-share-box-s1 center-box social-align-default disable-btnplus post-share"> <span class="single-comment-o"><i class="penci-faicon fa fa-comment-o" ></i>0 comment</span> <span class="post-share-item post-share-plike"> <span class="count-number-like">0</span><a href="#" aria-label="Like this post" class="penci-post-like single-like-button" data-post_id="4605" title="Like" data-like="Like" data-unlike="Unlike"><i class="penci-faicon fa fa-heart-o" ></i></a> </span> <a class="new-ver-share post-share-item post-share-facebook" aria-label="Share on Facebook" target="_blank" rel="noreferrer" href="https://www.facebook.com/sharer/sharer.php?u=https://ynewsdaily.com/roundcube-webmail-xss-vulnerability-exposes/"><i class="penci-faicon fa fa-facebook" ></i><span class="dt-share">Facebook</span></a><a class="new-ver-share post-share-item post-share-twitter" aria-label="Share on Twitter" target="_blank" rel="noreferrer" href="https://twitter.com/intent/tweet?text=Check%20out%20this%20article:%20Roundcube%20Webmail%20XSS%20Vulnerability%20Exposes%20Sensitive%20Data%20-%20https://ynewsdaily.com/roundcube-webmail-xss-vulnerability-exposes/"><i class="penci-faicon penciicon-x-twitter" ></i><span class="dt-share">Twitter</span></a><a class="new-ver-share post-share-item post-share-pinterest" aria-label="Pin to Pinterest" data-pin-do="none" rel="noreferrer" target="_blank" href="https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fynewsdaily.com%2Froundcube-webmail-xss-vulnerability-exposes%2F&media=https%3A%2F%2Fynewsdaily.com%2Fwp-content%2Fuploads%2F2024%2F07%2F4605-Roundcube-2520XSS-2520flaw-1.webp&description=Roundcube+Webmail+XSS+Vulnerability+Exposes+Sensitive+Data"><i class="penci-faicon fa fa-pinterest" ></i><span class="dt-share">Pinterest</span></a><a class="new-ver-share post-share-item post-share-email" target="_blank" aria-label="Share via Email" rel="noreferrer" href="mailto:?subject=Roundcube%20Webmail%20XSS%20Vulnerability%20Exposes%20Sensitive%20Data&BODY=https://ynewsdaily.com/roundcube-webmail-xss-vulnerability-exposes/"><i class="penci-faicon fa fa-envelope" ></i><span class="dt-share">Email</span></a><a class="post-share-item post-share-expand" href="#" aria-label="Share Expand"><i class="penci-faicon penciicon-add" ></i></a> </div> <div class="post-author abio-style-1 bioimg-round"> <div class="author-img"> <img alt='' src='https://secure.gravatar.com/avatar/13a63a0576458d218c534cdf7f2141df2d635caf4a3a62dcdeee0636bd7d195d?s=100&d=mm&r=g' srcset='https://secure.gravatar.com/avatar/13a63a0576458d218c534cdf7f2141df2d635caf4a3a62dcdeee0636bd7d195d?s=200&d=mm&r=g 2x' class='avatar avatar-100 photo' height='100' width='100' loading='lazy' decoding='async'/> </div> <div class="author-content"> <h5><a href="https://ynewsdaily.com/author/admin/" title="Author Esmeralda McKenzie" rel="author">Esmeralda McKenzie</a></h5> <p></p> <div class="bio-social"> <a rel="noreferrer" target="_blank" class="author-social" href="https://ynewsdaily.com"><i class="penci-faicon fa fa-globe" ></i></a> </div> </div> </div> <div class="post-pagination"> <div class="prev-post"> <div class="prev-post-inner"> <div class="prev-post-title"> <span>previous post</span> </div> <a href="https://ynewsdaily.com/sandman-apt-attacks-telcos-organizations/"> <div class="pagi-text"> <h5 class="prev-title">Sandman APT Attacks Telcos Organizations to Steal System Information</h5> </div> </a> </div> </div> <div class="next-post"> <div class="next-post-inner"> <div class="prev-post-title next-post-title"> <span>next post</span> </div> <a href="https://ynewsdaily.com/ransomware-group-claims-have-hacked/"> <div class="pagi-text"> <h5 class="next-title">Ransomware Group Claims to Have Hacked 'All Of Sony Systems'</h5> </div> </a> </div> </div> </div> <div class="pcrlt-style-1 post-related"> <div class="post-title-box"><h4 class="post-box-title">Related Posts</h4></div> <div class="swiper penci-owl-carousel penci-owl-carousel-slider penci-related-carousel" data-lazy="true" data-item="3" data-desktop="3" data-tablet="2" data-tabsmall="2" data-auto="false" data-speed="300" data-dots="true"> <div class="swiper-wrapper"> <div class="item-related swiper-slide"> <div class="item-related-inner"> <a class="related-thumb penci-image-holder penci-lazy" data-bgset="https://ynewsdaily.com/wp-content/uploads/2025/04/6722-Hackers-2520Abuse-2520TryCloudflare-585x390.webp" href="https://ynewsdaily.com/hackers-abuse-trycloudflare-service-to-bypass-detection-and-deliver-malware/" title="Hackers Abuse TryCloudflare Service To Bypass Detection And Deliver Malware"> </a> <div class="related-content"> <h3> <a href="https://ynewsdaily.com/hackers-abuse-trycloudflare-service-to-bypass-detection-and-deliver-malware/">Hackers Abuse TryCloudflare Service To Bypass Detection And...</a> </h3> <span class="date"><time class="entry-date published" datetime="2024-08-02T10:49:57+00:00">August 2, 2024</time></span> </div> </div> </div> <div class="item-related swiper-slide"> <div class="item-related-inner"> <a class="related-thumb penci-image-holder penci-lazy" data-bgset="https://ynewsdaily.com/wp-content/uploads/2025/04/6716-Validation-2520Flaw-2520Leads-2520to-2520Code-2520Execution-585x390.webp" href="https://ynewsdaily.com/microsoft-edge-vulnerability-let-attackers-execute-arbitrary-code/" title="Microsoft Edge Vulnerability Let Attackers Execute Arbitrary Code"> </a> <div class="related-content"> <h3> <a href="https://ynewsdaily.com/microsoft-edge-vulnerability-let-attackers-execute-arbitrary-code/">Microsoft Edge Vulnerability Let Attackers Execute Arbitrary Code</a> </h3> <span class="date"><time class="entry-date published" datetime="2024-08-02T08:34:21+00:00">August 2, 2024</time></span> </div> </div> </div> <div class="item-related swiper-slide"> <div class="item-related-inner"> <a class="related-thumb penci-image-holder penci-lazy" data-bgset="https://ynewsdaily.com/wp-content/uploads/2025/04/6668-macOS-2520Malware-2520Disguise-2520as-2520Unarchiver-2520App-2520Steals-2520User-2520Data-585x390.webp" href="https://ynewsdaily.com/macos-malware-disguise-as-unarchiver-app-steals-user-data/" title="macOS Malware Disguise As Unarchiver App Steals User Data"> </a> <div class="related-content"> <h3> <a href="https://ynewsdaily.com/macos-malware-disguise-as-unarchiver-app-steals-user-data/">macOS Malware Disguise As Unarchiver App Steals User...</a> </h3> <span class="date"><time class="entry-date published" datetime="2024-08-01T07:54:40+00:00">August 1, 2024</time></span> </div> </div> </div> <div class="item-related swiper-slide"> <div class="item-related-inner"> <a class="related-thumb penci-image-holder penci-lazy" data-bgset="https://ynewsdaily.com/wp-content/uploads/2025/04/6678-20-2C275-2520VMware-2520ESXi-2520-2520Instances-2520Vulnerable-585x390.webp" href="https://ynewsdaily.com/20275-vmware-esxi-vulnerable-instances-exposed-microsoft-warns-of-massive-exploitation/" title="20,275 VMware ESXi Vulnerable Instances Exposed, Microsoft Warns of Massive Exploitation"> </a> <div class="related-content"> <h3> <a href="https://ynewsdaily.com/20275-vmware-esxi-vulnerable-instances-exposed-microsoft-warns-of-massive-exploitation/">20,275 VMware ESXi Vulnerable Instances Exposed, Microsoft Warns...</a> </h3> <span class="date"><time class="entry-date published" datetime="2024-07-31T14:22:55+00:00">July 31, 2024</time></span> </div> </div> </div> <div class="item-related swiper-slide"> <div class="item-related-inner"> <a class="related-thumb penci-image-holder penci-lazy" data-bgset="https://ynewsdaily.com/wp-content/uploads/2025/04/6676-DDoS-2520Attack-2520Leads-2520to-2520Global-2520Outage-2520-282-29-585x390.webp" href="https://ynewsdaily.com/ddos-attack-leads-to-microsoft-azure-global-outage/" title="DDoS Attack Leads to Microsoft Azure Global Outage"> </a> <div class="related-content"> <h3> <a href="https://ynewsdaily.com/ddos-attack-leads-to-microsoft-azure-global-outage/">DDoS Attack Leads to Microsoft Azure Global Outage</a> </h3> <span class="date"><time class="entry-date published" datetime="2024-07-31T08:37:55+00:00">July 31, 2024</time></span> </div> </div> </div> <div class="item-related swiper-slide"> <div class="item-related-inner"> <a class="related-thumb penci-image-holder penci-lazy" data-bgset="https://ynewsdaily.com/wp-content/uploads/2025/04/6660-Record-breaking-2520Ransom-2520Payment-2520-281-29-585x390.webp" href="https://ynewsdaily.com/record-breaking-ransom-payment-dark-angels-ransomware-received-75-million/" title="Record-breaking Ransom Payment: Dark Angels Ransomware Received $75 Million"> </a> <div class="related-content"> <h3> <a href="https://ynewsdaily.com/record-breaking-ransom-payment-dark-angels-ransomware-received-75-million/">Record-breaking Ransom Payment: Dark Angels Ransomware Received $75...</a> </h3> <span class="date"><time class="entry-date published" datetime="2024-07-31T03:41:19+00:00">July 31, 2024</time></span> </div> </div> </div> <div class="item-related swiper-slide"> <div class="item-related-inner"> <a class="related-thumb penci-image-holder penci-lazy" data-bgset="https://ynewsdaily.com/wp-content/uploads/2025/04/6688-Beware-2520of-2520Fake-2520Postal-2520Message-585x390.webp" href="https://ynewsdaily.com/iphone-users-beware-fake-postal-messages-stealing-your-login-credentials/" title="iPhone Users Beware! Fake Postal Messages Stealing Your Login Credentials"> </a> <div class="related-content"> <h3> <a href="https://ynewsdaily.com/iphone-users-beware-fake-postal-messages-stealing-your-login-credentials/">iPhone Users Beware! Fake Postal Messages Stealing Your...</a> </h3> <span class="date"><time class="entry-date published" datetime="2024-07-30T11:52:43+00:00">July 30, 2024</time></span> </div> </div> </div> <div class="item-related swiper-slide"> <div class="item-related-inner"> <a class="related-thumb penci-image-holder penci-lazy" data-bgset="https://ynewsdaily.com/wp-content/uploads/2025/04/6642-MOVEit-2520Privilege-2520Escalation-2520Vulnerability-585x390.webp" href="https://ynewsdaily.com/new-moveit-file-transfer-vulnerability-let-attackers-escalate-privileges/" title="New MOVEit File Transfer Vulnerability Let Attackers Escalate Privileges"> </a> <div class="related-content"> <h3> <a href="https://ynewsdaily.com/new-moveit-file-transfer-vulnerability-let-attackers-escalate-privileges/">New MOVEit File Transfer Vulnerability Let Attackers Escalate...</a> </h3> <span class="date"><time class="entry-date published" datetime="2024-07-30T11:03:26+00:00">July 30, 2024</time></span> </div> </div> </div> <div class="item-related swiper-slide"> <div class="item-related-inner"> <a class="related-thumb penci-image-holder penci-lazy" data-bgset="https://ynewsdaily.com/wp-content/uploads/2025/04/6644-Digicert-2520Thousands-2520of-2520Certificates-2520to-2520be-2520Revoked-585x390.webp" href="https://ynewsdaily.com/digicert-to-revoke-thousands-of-certificates-following-dns-validation-error/" title="DigiCert to Revoke Thousands of Certificates Following DNS Validation Error"> </a> <div class="related-content"> <h3> <a href="https://ynewsdaily.com/digicert-to-revoke-thousands-of-certificates-following-dns-validation-error/">DigiCert to Revoke Thousands of Certificates Following DNS...</a> </h3> <span class="date"><time class="entry-date published" datetime="2024-07-30T06:22:39+00:00">July 30, 2024</time></span> </div> </div> </div> <div class="item-related swiper-slide"> <div class="item-related-inner"> <a class="related-thumb penci-image-holder penci-lazy" data-bgset="https://ynewsdaily.com/wp-content/uploads/2025/04/6664-VMware-2520ESXi-2520Flaw-2520Exploited-2520by-2520Ransomware-2520Gangs-585x390.webp" href="https://ynewsdaily.com/ransomware-gangs-exploiting-vmware-esxi-auth-bypass-flaw-for-mass-attacks/" title="Ransomware Gangs Exploiting VMware ESXi Auth Bypass Flaw for Mass Attacks"> </a> <div class="related-content"> <h3> <a href="https://ynewsdaily.com/ransomware-gangs-exploiting-vmware-esxi-auth-bypass-flaw-for-mass-attacks/">Ransomware Gangs Exploiting VMware ESXi Auth Bypass Flaw...</a> </h3> <span class="date"><time class="entry-date published" datetime="2024-07-30T01:59:57+00:00">July 30, 2024</time></span> </div> </div> </div> </div><div class="penci-owl-dots"></div></div></div> <div class="post-comments no-comment-yet penci-comments-hide-0" id="comments"> </div> <!-- end comments div --> </article> </div> </div> <div id="sidebar" class="penci-sidebar-right penci-sidebar-content style-5 pcalign-left pciconp-right pcicon-right penci-sticky-sidebar"> <div class="theiaStickySidebar"> <aside id="penci_search_box_widget-2" class="widget penci_search_box_widget"><h3 class="widget-title penci-border-arrow"><span class="inner-arrow">Search</span></h3> <div class="pcwg-widget pc-widget-searchform penci-builder-element pc-search-form search-style-default"> <form role="search" method="get" class="pc-searchform" action="https://ynewsdaily.com/"> <div class="pc-searchform-inner"> <input type="text" class="search-input" placeholder="Type and hit enter..." name="s"/> <i class="penciicon-magnifiying-glass"></i> <button type="submit" class="searchsubmit">Search</button> </div> </form> </div> </aside><aside id="penci_latest_news_widget-2" class="widget penci_latest_news_widget"><h3 class="widget-title penci-border-arrow"><span class="inner-arrow">Recent Visitor Visit</span></h3> <ul id="penci-latestwg-5879" class="side-newsfeed"> <li class="penci-feed"> <div class="side-item"> <div class="side-image"> <a class="penci-image-holder penci-lazy small-fix-size" rel="bookmark" data-bgset="https://ynewsdaily.com/wp-content/uploads/2024/02/771-FBI-2520says-2520stop-2520using-2520free-2520public-2520charging-2520ports-263x175.webp" href="https://ynewsdaily.com/fbi-has-warned-people-avoid/" title="FBI has Warned People to Avoid Free Public Charging Ports"></a> </div> <div class="side-item-text"> <h4 class="side-title-post"> <a href="https://ynewsdaily.com/fbi-has-warned-people-avoid/" rel="bookmark" title="FBI has Warned People to Avoid Free Public Charging Ports"> FBI has Warned People to Avoid Free Public Charging Ports </a> </h4> </div> </div> </li> <li class="penci-feed"> <div class="side-item"> <div class="side-image"> <a class="penci-image-holder penci-lazy small-fix-size" rel="bookmark" data-bgset="https://ynewsdaily.com/wp-content/uploads/2024/07/5235-WIREFIRE-2520Web-2520Shell-2520Attacking-2520Ivanti-2520VPN-1-263x175.webp" href="https://ynewsdaily.com/python-based-wirefire-web-shell/" title="Python based WIREFIRE web shell Attacking Ivanti Connect Secure (ICS) VPN appliances"></a> </div> <div class="side-item-text"> <h4 class="side-title-post"> <a href="https://ynewsdaily.com/python-based-wirefire-web-shell/" rel="bookmark" title="Python based WIREFIRE web shell Attacking Ivanti Connect Secure (ICS) VPN appliances"> Python based WIREFIRE web shell Attacking Ivanti Connect Secure (ICS) VPN appliances </a> </h4> </div> </div> </li> <li class="penci-feed"> <div class="side-item"> <div class="side-image"> <a class="penci-image-holder penci-lazy small-fix-size" rel="bookmark" data-bgset="https://ynewsdaily.com/wp-content/uploads/2024/07/2135-Facebook-2520Business-2520Accounts-2520Targeted-263x175.webp" href="https://ynewsdaily.com/new-cyber-attack-targeting-facebook/" title="New Cyber Attack Targeting Facebook Business Accounts"></a> </div> <div class="side-item-text"> <h4 class="side-title-post"> <a href="https://ynewsdaily.com/new-cyber-attack-targeting-facebook/" rel="bookmark" title="New Cyber Attack Targeting Facebook Business Accounts"> New Cyber Attack Targeting Facebook Business Accounts </a> </h4> </div> </div> </li> <li class="penci-feed"> <div class="side-item"> <div class="side-image"> <a class="penci-image-holder penci-lazy small-fix-size" rel="bookmark" data-bgset="https://ynewsdaily.com/wp-content/uploads/2024/02/1199-Thirteen-2520New-2520Vulnerabilities-2520in-2520BMC-2520Firmware-2520Expose-2520OT-2520-2665dffc28cf7e4-263x175." href="https://ynewsdaily.com/new-vulnerabilities-bmc-firmware-let/" title="13 New Vulnerabilities in BMC Firmware Let Hackers Launch Remote Attacks on OT & IoT Networks"></a> </div> <div class="side-item-text"> <h4 class="side-title-post"> <a href="https://ynewsdaily.com/new-vulnerabilities-bmc-firmware-let/" rel="bookmark" title="13 New Vulnerabilities in BMC Firmware Let Hackers Launch Remote Attacks on OT & IoT Networks"> 13 New Vulnerabilities in BMC Firmware Let Hackers Launch Remote Attacks on OT & IoT Networks </a> </h4> </div> </div> </li> <li class="penci-feed"> <div class="side-item"> <div class="side-image"> <a class="penci-image-holder penci-lazy small-fix-size" rel="bookmark" data-bgset="https://ynewsdaily.com/wp-content/uploads/2024/07/4543-Arid-2520Viper-2520Android-2520Apps-2520Exfiltrate-2520Login-263x175.webp" href="https://ynewsdaily.com/arid-viper-weaponizing-android-apps/" title="Arid Viper Weaponizing Android Apps To Exfiltrate Login Details"></a> </div> <div class="side-item-text"> <h4 class="side-title-post"> <a href="https://ynewsdaily.com/arid-viper-weaponizing-android-apps/" rel="bookmark" title="Arid Viper Weaponizing Android Apps To Exfiltrate Login Details"> Arid Viper Weaponizing Android Apps To Exfiltrate Login Details </a> </h4> </div> </div> </li> <li class="penci-feed"> <div class="side-item"> <div class="side-image"> <a class="penci-image-holder penci-lazy small-fix-size" rel="bookmark" data-bgset="https://ynewsdaily.com/wp-content/uploads/2024/12/HubPhish-Exploits-HubSpot-Tools-to-Target-20000-European-Users-for-263x175.png" href="https://ynewsdaily.com/hubphish-exploits-hubspot-tools-target/" title="HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft"></a> </div> <div class="side-item-text"> <h4 class="side-title-post"> <a href="https://ynewsdaily.com/hubphish-exploits-hubspot-tools-target/" rel="bookmark" title="HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft"> HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft </a> </h4> </div> </div> </li> </ul> </aside> </div> </div> </div> </div> </div> <div class="clear-footer"></div> <footer id="footer-section" class="penci-footer-social-media penci-lazy footer-social-remove-circle " itemscope itemtype="https://schema.org/WPFooter"> <div class="container"> <div class="footer-logo-copyright footer-not-logo footer-not-gotop"> <div class="footer-menu-wrap" role="navigation" itemscope itemtype="https://schema.org/SiteNavigationElement"> <div class="footer-menu"><ul> <li class="page_item page-item-6573"><a href="https://ynewsdaily.com/about-us-2/">About Us</a></li> <li class="page_item page-item-6582"><a href="https://ynewsdaily.com/about-us/">About Us</a></li> <li class="page_item page-item-6574"><a href="https://ynewsdaily.com/contact-us-2/">Contact Us</a></li> <li class="page_item page-item-6583"><a href="https://ynewsdaily.com/contact-us/">Contact Us</a></li> <li class="page_item page-item-6576"><a href="https://ynewsdaily.com/cookies-policy-2/">Cookies Policy</a></li> <li class="page_item page-item-6585"><a href="https://ynewsdaily.com/cookies-policy/">Cookies Policy</a></li> <li class="page_item page-item-6577"><a href="https://ynewsdaily.com/disclaimer-2/">Disclaimer</a></li> <li class="page_item page-item-6586"><a href="https://ynewsdaily.com/disclaimer/">Disclaimer</a></li> <li class="page_item page-item-6575"><a href="https://ynewsdaily.com/dmca-2/">DMCA</a></li> <li class="page_item page-item-6584"><a href="https://ynewsdaily.com/dmca/">DMCA</a></li> <li class="page_item page-item-6578"><a href="https://ynewsdaily.com/privacy-policy-2/">Privacy Policy</a></li> <li class="page_item page-item-6587"><a href="https://ynewsdaily.com/privacy-policy/">Privacy Policy</a></li> <li class="page_item page-item-6579"><a href="https://ynewsdaily.com/terms-and-conditions-2/">Terms and Conditions</a></li> <li class="page_item page-item-6588"><a href="https://ynewsdaily.com/terms-and-conditions/">Terms and Conditions</a></li> </ul></div> </div> <div id="footer-copyright"> <p>@2024 - ynewsdaily.com</p> </div> </div> </div> </footer> </div><!-- End .wrapper-boxed --> <div class="penci-go-to-top-floating"><i class="penciicon-up-chevron"></i></div> <a href="#" id="close-sidebar-nav" class="header-2"><i class="penci-faicon fa fa-close" ></i></a> <nav id="sidebar-nav" class="header-2" role="navigation" itemscope itemtype="https://schema.org/SiteNavigationElement"> <div id="sidebar-nav-logo"> <a href="https://ynewsdaily.com/"><img class="penci-lazy sidebar-nav-logo penci-limg" data-darklogo="https://ynewsdaily.com/wp-content/uploads/2024/03/ynewsdaily.png" src="data:image/svg+xml,%3Csvg%20xmlns='http://www.w3.org/2000/svg'%20viewBox='0%200%203%202'%3E%3C/svg%3E" width="" height="" data-src="https://ynewsdaily.com/wp-content/uploads/2024/03/ynewsdaily.png" data-lightlogo="https://ynewsdaily.com/wp-content/uploads/2024/03/ynewsdaily.png" alt="ynewsdaily"/></a> </div> <div class="header-social sidebar-nav-social"> <div class="inner-header-social"> <a href="https://www.facebook.com/PenciDesign" aria-label="Facebook" rel="noreferrer" target="_blank"><i class="penci-faicon fa fa-facebook" ></i></a> <a href="https://twitter.com/PenciDesign" aria-label="Twitter" rel="noreferrer" target="_blank"><i class="penci-faicon penciicon-x-twitter" ></i></a> <a href="#" aria-label="Instagram" rel="noreferrer" target="_blank"><i class="penci-faicon fa fa-instagram" ></i></a> <a href="#" aria-label="Youtube" rel="noreferrer" target="_blank"><i class="penci-faicon fa fa-youtube-play" ></i></a> <a href="#" aria-label="Snapchat" rel="noreferrer" target="_blank"><i class="penci-faicon fa fa-snapchat" ></i></a> <a href="#" aria-label="Reddit" rel="noreferrer" target="_blank"><i class="penci-faicon fa fa-reddit-alien" ></i></a> <a href="#" aria-label="Rss" rel="noreferrer" target="_blank"><i class="penci-faicon fa fa-rss" ></i></a> </div> </div> <ul id="menu-menu-atas-1" class="menu"><li class="menu-item menu-item-type-taxonomy menu-item-object-category current-post-ancestor current-menu-parent current-post-parent ajax-mega-menu menu-item-1730"><a href="https://ynewsdaily.com/category/cyber-security-news/">Cyber Security News</a></li> <li class="menu-item menu-item-type-taxonomy menu-item-object-category ajax-mega-menu menu-item-1731"><a href="https://ynewsdaily.com/category/cyber-attack/">Cyber Attack</a></li> <li class="menu-item menu-item-type-taxonomy menu-item-object-category ajax-mega-menu menu-item-1732"><a href="https://ynewsdaily.com/category/cyber-security/">Cyber Security</a></li> <li class="menu-item menu-item-type-taxonomy menu-item-object-category ajax-mega-menu menu-item-1733"><a href="https://ynewsdaily.com/category/android/">Android</a></li> <li class="menu-item menu-item-type-taxonomy menu-item-object-category ajax-mega-menu menu-item-1734"><a href="https://ynewsdaily.com/category/malware/">Malware</a></li> <li class="menu-item menu-item-type-taxonomy menu-item-object-category ajax-mega-menu menu-item-1735"><a href="https://ynewsdaily.com/category/technology/">Technology</a></li> </ul> </nav> <script type="speculationrules"> {"prefetch":[{"source":"document","where":{"and":[{"href_matches":"\/*"},{"not":{"href_matches":["\/wp-*.php","\/wp-admin\/*","\/wp-content\/uploads\/*","\/wp-content\/*","\/wp-content\/plugins\/*","\/wp-content\/themes\/soledad\/*","\/*\\?(.+)"]}},{"not":{"selector_matches":"a[rel~=\"nofollow\"]"}},{"not":{"selector_matches":".no-prefetch, .no-prefetch a"}}]},"eagerness":"conservative"}]} </script> <!--copyscapeskip--> <aside id="moove_gdpr_cookie_info_bar" class="moove-gdpr-info-bar-hidden moove-gdpr-align-center moove-gdpr-dark-scheme gdpr_infobar_postion_bottom" aria-label="GDPR Cookie Banner" style="display: none;"> <div class="moove-gdpr-info-bar-container"> <div class="moove-gdpr-info-bar-content"> <div class="moove-gdpr-cookie-notice"> <p>We are using cookies to give you the best experience on our website.</p><p>You can find out more about which cookies we are using or switch them off in <button data-href="#moove_gdpr_cookie_modal" class="change-settings-button">settings</button>.</p></div> <!-- .moove-gdpr-cookie-notice --> <div class="moove-gdpr-button-holder"> <button class="mgbutton moove-gdpr-infobar-allow-all gdpr-fbo-0" aria-label="Accept" >Accept</button> </div> <!-- .button-container --> </div> <!-- moove-gdpr-info-bar-content --> </div> <!-- moove-gdpr-info-bar-container --> </aside> <!-- #moove_gdpr_cookie_info_bar --> <!--/copyscapeskip--> <script id="penci-dm-checking" type="text/javascript">function penci_dmgetcookie(cname) { let name = cname + "="; let decodedCookie = decodeURIComponent(document.cookie); let ca = decodedCookie.split(';'); for (let i = 0; i < ca.length; i++) { let c = ca[i]; while (c.charAt(0) == ' ') { c = c.substring(1); } if (c.indexOf(name) == 0) { return c.substring(name.length, c.length); } } return ""; } if ( penci_dark.darkmode ) { document.cookie = "penci_mode=dark; path=/"; } let alllogos = document.querySelectorAll('.penci-limg'), body = document.querySelector('body'), autoby = penci_dark.auto_by, darktheme = penci_dark.darktheme, hr = (new Date()).getHours(), cv = penci_dmgetcookie('penci_mode'), cc, lc = 'pclight-mode', dc = 'pcdark-mode'; if (darktheme !== '') { cc = 'pcdm-enable'; } if (autoby === 'os' && !darktheme && window.matchMedia && window.matchMedia('(prefers-color-scheme: dark)').matches) { body.classList.remove('pcdm-enable', 'pclight-mode') body.classList.add(dc, 'pcdm-enable'); document.cookie = "penci_mode=dark; path=/"; alllogos.forEach((alllogo) => { var lgimg = alllogo.getAttribute('data-darklogo'); if (lgimg !== null) { alllogo.src = lgimg; alllogo.setAttribute('data-src', lgimg); } }); } else if (autoby === 'os' && window.matchMedia && window.matchMedia('(prefers-color-scheme: light)').matches) { body.classList.remove('pcdm-enable', 'pcdark-mode') body.classList.add(lc, cc); document.cookie = "penci_mode=light; path=/"; alllogos.forEach((alllogo) => { var lgimg = alllogo.getAttribute('data-lightlogo'); if (lgimg !== null) { alllogo.src = lgimg; alllogo.setAttribute('data-src', lgimg); } }); } if ((autoby === 'time' && hr > 18) || cv === 'dark') { body.classList.remove('pcdm-enable', 'pclight-mode') body.classList.add(dc, 'pcdm-enable'); document.cookie = "penci_mode=dark; path=/"; alllogos.forEach((alllogo) => { var lgimg = alllogo.getAttribute('data-darklogo'); if (lgimg !== null) { alllogo.src = lgimg; alllogo.setAttribute('data-src', lgimg); } }); } else if (autoby === 'time' || cv === 'light') { body.classList.remove('pcdm-enable', 'pcdark-mode') body.classList.add(lc, cc); document.cookie = "penci_mode=light; path=/"; alllogos.forEach((alllogo) => { var lgimg = alllogo.getAttribute('data-lightlogo'); if (lgimg !== null) { alllogo.src = lgimg; alllogo.setAttribute('data-src', lgimg); } }); } </script><script type="text/javascript" id="ez-toc-scroll-scriptjs-js-extra"> /* <![CDATA[ */ var eztoc_smooth_local = {"scroll_offset":"30","add_request_uri":""}; /* ]]> */ </script> <script type="text/javascript" src="https://ynewsdaily.com/wp-content/plugins/easy-table-of-contents/assets/js/smooth_scroll.min.js?ver=2.0.62" id="ez-toc-scroll-scriptjs-js"></script> <script type="text/javascript" src="https://ynewsdaily.com/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1" id="ez-toc-js-cookie-js"></script> <script type="text/javascript" src="https://ynewsdaily.com/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2" id="ez-toc-jquery-sticky-kit-js"></script> <script type="text/javascript" id="ez-toc-js-js-extra"> /* <![CDATA[ */ var ezTOC = {"smooth_scroll":"1","visibility_hide_by_default":"","scroll_offset":"30","fallbackIcon":"<span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span>"}; /* ]]> */ </script> <script type="text/javascript" src="https://ynewsdaily.com/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.62-1743167084" id="ez-toc-js-js"></script> <script type="text/javascript" src="https://ynewsdaily.com/wp-content/themes/soledad/js/js-cookies.js?ver=8.4.5" id="js-cookies-js"></script> <script type="text/javascript" src="https://ynewsdaily.com/wp-content/themes/soledad/js/penci-lazy.js?ver=8.4.5" id="pc-lazy-js"></script> <script type="text/javascript" src="https://ynewsdaily.com/wp-content/themes/soledad/js/libs-script.min.js?ver=8.4.5" id="penci-libs-js-js"></script> <script type="text/javascript" id="main-scripts-js-extra"> /* <![CDATA[ */ var ajax_var_more = {"url":"https:\/\/ynewsdaily.com\/wp-admin\/admin-ajax.php","nonce":"af5b27cf5f","errorPass":"<p class=\"message message-error\">Password does not match the confirm password<\/p>","login":"Email Address","password":"Password","headerstyle":"default","reading_bar_pos":"footer","reading_bar_h":"5","carousel_e":"swing","slider_e":"creative","fcarousel_e":"swing","fslider_e":"creative","vfloat":"","vfloatp":"bottom-right"}; /* ]]> */ </script> <script type="text/javascript" src="https://ynewsdaily.com/wp-content/themes/soledad/js/main.js?ver=8.4.5" id="main-scripts-js"></script> <script type="text/javascript" id="penci_ajax_like_post-js-extra"> /* <![CDATA[ */ var ajax_var = {"url":"https:\/\/ynewsdaily.com\/wp-admin\/admin-ajax.php","nonce":"af5b27cf5f","errorPass":"<p class=\"message message-error\">Password does not match the confirm password<\/p>","login":"Email Address","password":"Password","headerstyle":"default","reading_bar_pos":"footer","reading_bar_h":"5","carousel_e":"swing","slider_e":"creative","fcarousel_e":"swing","fslider_e":"creative","vfloat":"","vfloatp":"bottom-right"}; /* ]]> */ </script> <script type="text/javascript" src="https://ynewsdaily.com/wp-content/themes/soledad/js/post-like.js?ver=8.4.5" id="penci_ajax_like_post-js"></script> <script type="text/javascript" src="https://ynewsdaily.com/wp-includes/js/comment-reply.min.js?ver=6.8.1" id="comment-reply-js" async="async" data-wp-strategy="async"></script> <script type="text/javascript" src="https://ynewsdaily.com/wp-content/themes/soledad/js/inview.js?ver=8.4.5" id="jquery.inview-js"></script> <script type="text/javascript" src="https://ynewsdaily.com/wp-content/themes/soledad/js/sticky_share.js?ver=8.4.5" id="penci-sticky-share-js"></script> <script type="text/javascript" id="moove_gdpr_frontend-js-extra"> /* <![CDATA[ */ var moove_frontend_gdpr_scripts = {"ajaxurl":"https:\/\/ynewsdaily.com\/wp-admin\/admin-ajax.php","post_id":"4605","plugin_dir":"https:\/\/ynewsdaily.com\/wp-content\/plugins\/gdpr-cookie-compliance","show_icons":"all","is_page":"","ajax_cookie_removal":"false","strict_init":"1","enabled_default":{"third_party":0,"advanced":0},"geo_location":"false","force_reload":"false","is_single":"1","hide_save_btn":"false","current_user":"0","cookie_expiration":"365","script_delay":"2000","close_btn_action":"1","close_btn_rdr":"","scripts_defined":"{\"cache\":true,\"header\":\"\",\"body\":\"\",\"footer\":\"\",\"thirdparty\":{\"header\":\"\",\"body\":\"\",\"footer\":\"\"},\"advanced\":{\"header\":\"\",\"body\":\"\",\"footer\":\"\"}}","gdpr_scor":"true","wp_lang":""}; /* ]]> */ </script> <script type="text/javascript" src="https://ynewsdaily.com/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.13.1" id="moove_gdpr_frontend-js"></script> <script type="text/javascript" id="moove_gdpr_frontend-js-after"> /* <![CDATA[ */ var gdpr_consent__strict = "false" var gdpr_consent__thirdparty = "false" var gdpr_consent__advanced = "false" var gdpr_consent__cookies = "" /* ]]> */ </script> <script type="text/javascript" id="penci_widgets_ajax-js-extra"> /* <![CDATA[ */ var penci_widgets_ajax = {"url":"https:\/\/ynewsdaily.com\/wp-admin\/admin-ajax.php","nonce":"d5805d7cf0"}; /* ]]> */ </script> <script type="text/javascript" src="https://ynewsdaily.com/wp-content/themes/soledad/js/widgets-ajax.js?ver=8.4.5" id="penci_widgets_ajax-js"></script> <!--copyscapeskip--> <!-- V1 --> <div id="moove_gdpr_cookie_modal" class="gdpr_lightbox-hide" role="complementary" aria-label="GDPR Settings Screen"> <div class="moove-gdpr-modal-content moove-clearfix logo-position-left moove_gdpr_modal_theme_v1"> <button class="moove-gdpr-modal-close" aria-label="Close GDPR Cookie Settings"> <span class="gdpr-sr-only">Close GDPR Cookie Settings</span> <span class="gdpr-icon moovegdpr-arrow-close"></span> </button> <div class="moove-gdpr-modal-left-content"> <div class="moove-gdpr-company-logo-holder"> <img src="https://ynewsdaily.com/wp-content/plugins/gdpr-cookie-compliance/dist/images/gdpr-logo.png" alt="ynewsdaily" width="350" height="233" class="img-responsive" /> </div> <!-- .moove-gdpr-company-logo-holder --> <ul id="moove-gdpr-menu"> <li class="menu-item-on menu-item-privacy_overview menu-item-selected"> <button data-href="#privacy_overview" class="moove-gdpr-tab-nav" aria-label="Privacy Overview"> <span class="gdpr-nav-tab-title">Privacy Overview</span> </button> </li> <li class="menu-item-strict-necessary-cookies menu-item-off"> <button data-href="#strict-necessary-cookies" class="moove-gdpr-tab-nav" aria-label="Strictly Necessary Cookies"> <span class="gdpr-nav-tab-title">Strictly Necessary Cookies</span> </button> </li> </ul> <div class="moove-gdpr-branding-cnt"> <a href="https://wordpress.org/plugins/gdpr-cookie-compliance/" rel="noopener noreferrer" target="_blank" class='moove-gdpr-branding'>Powered by  <span>GDPR Cookie Compliance</span></a> </div> <!-- .moove-gdpr-branding --> </div> <!-- .moove-gdpr-modal-left-content --> <div class="moove-gdpr-modal-right-content"> <div class="moove-gdpr-modal-title"> </div> <!-- .moove-gdpr-modal-ritle --> <div class="main-modal-content"> <div class="moove-gdpr-tab-content"> <div id="privacy_overview" class="moove-gdpr-tab-main"> <span class="tab-title">Privacy Overview</span> <div class="moove-gdpr-tab-main-content"> <p>This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.</p> </div> <!-- .moove-gdpr-tab-main-content --> </div> <!-- #privacy_overview --> <div id="strict-necessary-cookies" class="moove-gdpr-tab-main" style="display:none"> <span class="tab-title">Strictly Necessary Cookies</span> <div class="moove-gdpr-tab-main-content"> <p>Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.</p> <div class="moove-gdpr-status-bar "> <div class="gdpr-cc-form-wrap"> <div class="gdpr-cc-form-fieldset"> <label class="cookie-switch" for="moove_gdpr_strict_cookies"> <span class="gdpr-sr-only">Enable or Disable Cookies</span> <input type="checkbox" aria-label="Strictly Necessary Cookies" value="check" name="moove_gdpr_strict_cookies" id="moove_gdpr_strict_cookies"> <span class="cookie-slider cookie-round" data-text-enable="Enabled" data-text-disabled="Disabled"></span> </label> </div> <!-- .gdpr-cc-form-fieldset --> </div> <!-- .gdpr-cc-form-wrap --> </div> <!-- .moove-gdpr-status-bar --> <div class="moove-gdpr-strict-warning-message" style="margin-top: 10px;"> <p>If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.</p> </div> <!-- .moove-gdpr-tab-main-content --> </div> <!-- .moove-gdpr-tab-main-content --> </div> <!-- #strict-necesarry-cookies --> </div> <!-- .moove-gdpr-tab-content --> </div> <!-- .main-modal-content --> <div class="moove-gdpr-modal-footer-content"> <div class="moove-gdpr-button-holder"> <button class="mgbutton moove-gdpr-modal-allow-all button-visible" aria-label="Enable All">Enable All</button> <button class="mgbutton moove-gdpr-modal-save-settings button-visible" aria-label="Save Settings">Save Settings</button> </div> <!-- .moove-gdpr-button-holder --> </div> <!-- .moove-gdpr-modal-footer-content --> </div> <!-- .moove-gdpr-modal-right-content --> <div class="moove-clearfix"></div> </div> <!-- .moove-gdpr-modal-content --> </div> <!-- #moove_gdpr_cookie_modal --> <!--/copyscapeskip--> <script async src="https://t.seedtag.com/t/2354-1658-01.js"></script> </body> </html>