{"uuid": "ea7f0f45-c7ae-4287-b139-0d0436a4711d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42009", "type": "seen", "source": "https://thehackernews.com/2026/07/suspected-china-aligned-hackers-exploit.html", "content": "A suspected China-aligned threat activity cluster has been observed exploiting Roundcube webmail software belonging to physics and engineering departments of U.S. and Canadian universities as part of a new campaign.\n\nThe activity involves the exploitation of now-patched, critical security flaws in the open-source email solution, such as CVE-2024-42009 (CVSS score: 9.3), to siphon credentials,", "creation_timestamp": "2026-07-08T01:00:53.421201Z"}