Information security
fromThe Hacker News
6 days agoZimbra Zero-Day Exploited to Target Brazilian Military via Malicious ICS Files
A stored XSS in Zimbra Classic Web Client (CVE-2025-27915) enabled arbitrary JavaScript execution, leading to data theft and email redirection from targeted accounts.