Zimbra XSS exploited by TEMP_HERETIC APT against European government email. Apply Zimbra patches immediately. Threat actor used CVE-2022-24682 to gain initial access then chained with RCE bugs. Audit admin account activity.
Zimbra Collaboration webmail client XSS vulnerability exploited by TEMP_HERETIC to steal email accounts of European government organizations.
Supernova subscribers receive AI-triaged CVE alerts the moment they're published — before the PoC drops.
Start Supernova — $99/mo →