{"id":2523,"date":"2025-05-16T21:32:07","date_gmt":"2025-05-16T21:32:07","guid":{"rendered":"https:\/\/techtrendfeed.com\/?p=2523"},"modified":"2025-05-16T21:32:07","modified_gmt":"2025-05-16T21:32:07","slug":"sednit-abuses-xss-flaws-to-hit-govt-entities-protection-firms","status":"publish","type":"post","link":"https:\/\/techtrendfeed.com\/?p=2523","title":{"rendered":"Sednit abuses XSS flaws to hit gov&#8217;t entities, protection firms"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p class=\"sub-title\">Operation RoundPress targets webmail software program to steal secrets and techniques from electronic mail accounts belonging primarily to governmental organizations in Ukraine and protection contractors within the EU<\/p>\n<div class=\"article-authors d-flex flex-wrap\">\n<div class=\"article-author d-flex\"><a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/en\/our-experts\/editor\/\" title=\"Editor\"><picture><source srcset=\"https:\/\/web-assets.esetstatic.com\/tn\/-x45\/wls\/2013\/12\/pen-tip-200.png\" media=\"(max-width: 768px)\"\/><img decoding=\"async\" class=\"author-image me-3\" src=\"https:\/\/web-assets.esetstatic.com\/tn\/-x45\/wls\/2013\/12\/pen-tip-200.png\" alt=\"Editor\"\/><\/picture><\/a><\/div>\n<\/div>\n<p class=\"article-info mb-5\">\n        <span>15 Might 2025<\/span>\n    <\/p>\n<\/div>\n<div>\n<p>ESET researchers have found a cyberespionage operation that abuses cross-site scripting (XSS) vulnerabilities, together with a zero-day XSS flaw in MDaemon webmail software program, to steal confidential info from particular electronic mail accounts belonging to officers working for varied governmental organizations in Ukraine and protection contractors in Europe and on different continents.<\/p>\n<p>Operation RoundPress, so nicknamed by ESET, is most likely the work of the Russia-aligned Sednit APT group, who first took purpose at Roundcube, however later expanded its concentrating on to different webmail software program, together with Horde, MDaemon, and Zimbra. In some instances, the attackers even circumvented two-factor (2FA) authentication.<\/p>\n<p>What else is there to know concerning the operation\u2019s techniques, strategies, and procedures? Be taught from ESET Chief Safety Evangelist <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/en\/our-experts\/tony-anscombe\/\">Tony Anscombe<\/a> within the video and ensure to learn the total <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.welivesecurity.com\/en\/eset-research\/operation-roundpress\/\">blogpost<\/a>.<\/p>\n<p><iframe class=\"embed-video\" title=\"\" src=\"https:\/\/www.youtube-nocookie.com\/embed\/Ru20ing8TC8\"><\/iframe><\/p>\n<blockquote>\n<p>Join with us on\u00a0<a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.facebook.com\/eset\">Fb<\/a>, <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/x.com\/ESET\" target=\"_blank\" rel=\"noopener\">X<\/a>,\u00a0<a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.linkedin.com\/company\/eset\/\">LinkedIn<\/a>\u00a0and\u00a0<a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.instagram.com\/eset\/\">Instagram<\/a>.<\/p>\n<\/blockquote>\n<\/div>\n<p><template id="jRi4oRCgAsRxv5cYTuAU"></template><\/script><br \/>\n<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Operation RoundPress targets webmail software program to steal secrets and techniques from electronic mail accounts belonging primarily to governmental organizations in Ukraine and protection contractors within the EU 15 Might 2025 ESET researchers have found a cyberespionage operation that abuses cross-site scripting (XSS) vulnerabilities, together with a zero-day XSS flaw in MDaemon webmail software program, [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":2525,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[2455,399,397,2458,1812,2457,2080,2454,2456],"class_list":["post-2523","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-abuses","tag-companies","tag-defense","tag-entities","tag-flaws","tag-govt","tag-hit","tag-sednit","tag-xss"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/2523","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2523"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/2523\/revisions"}],"predecessor-version":[{"id":2524,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/2523\/revisions\/2524"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/2525"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2523"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2523"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2523"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}<!-- This website is optimized by Airlift. Learn more: https://airlift.net. Template:. Learn more: https://airlift.net. Template: 69d9690a190636c2e0989534. Config Timestamp: 2026-04-10 21:18:02 UTC, Cached Timestamp: 2026-05-28 07:16:16 UTC -->