Ich hasse ja Dokumentation schreiben, aus ganzem Herzen.
Habe eben wieder eine Stunde in die User-Doku meines Servers gesteckt und "gerade mal" das Einbinden von ownCloud Adressbuechern in Roundcube geschafft.
Morgen geht's weiter.
Ich hasse ja Dokumentation schreiben, aus ganzem Herzen.
Habe eben wieder eine Stunde in die User-Doku meines Servers gesteckt und "gerade mal" das Einbinden von ownCloud Adressbuechern in Roundcube geschafft.
Morgen geht's weiter.
I switched my email hosting to Tuta and really like it but there is a lot of spam. I am certain it is not Tuta's fault and it will get better as I report it but it goes to show how good the spam detection at RoundCube was because I rarely got spam there.
(The RoundCube account was attached to my web host which went out of business. They gave me no means to keep the email.)
#email #Tuta #RoundCube #tech
#Roundcube Webmail: Mehr als 10.000 verwundbare Instanzen in Deutschland | Security https://www.heise.de/news/Roundcube-Webmail-Mehr-als-10-000-verwundbare-Instanzen-in-Deutschland-10441859.html #RoundcubeWebmail #Patchday
Alle RoundCube-Instanzen unter meiner Verwaltung sind aktuell und gegen die kursierende Lücke gesichert.
Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited – Source: securityaffairs.com https://ciso2ciso.com/over-80000-servers-hit-as-roundcube-rce-bug-gets-rapidly-exploited-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Roundcube #hacking
Over 84,000 #Roundcube instances vulnerable to actively exploited flaw
U.S. #CISA adds #RoundCube Webmail and Erlang Erlang/OTP SSH server flaws to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/178843/hacking/u-s-cisa-adds-roundcube-erlang-erlang-flaws-known-exploited-vulnerabilities-catalog.html
#securityaffairs #hacking
Hacker selling critical #Roundcube #webmail exploit as tech info disclosed
𝐄𝐫𝐧𝐬𝐭𝐢𝐠𝐞 𝐤𝐰𝐞𝐭𝐬𝐛𝐚𝐚𝐫𝐡𝐞𝐢𝐝 𝐢𝐧 𝐑𝐨𝐮𝐧𝐝𝐜𝐮𝐛𝐞 𝐖𝐞𝐛𝐦𝐚𝐢𝐥
De #kwetsbaarheid kan een geauthentiseerde kwaadwillende in staat stellen om willekeurige code op afstand uit te voeren. Dit kan leiden tot het verkrijgen van toegang tot gevoelige gegevens. Ook is er een exploitcode in omloop waarmee de kwetsbaarheid kan worden misbruikt. Het advies is om de beschikbare #beveiligingsupdates zo snel mogelijk te (laten) installeren.
Meer informatie
https://www.digitaltrustcenter.nl/nieuws/ernstige-kwetsbaarheid-in-roundcube-webmail
Jeg har brukt epost med #Roundcube på #Domeneshop en stund nå, men vurderer å gå over til @protonprivacy.
Det har visst vært litt kontrovers rundt en uttalelse fra lederen der (se feks https://medium.com/@ovenplayer/does-proton-really-support-trump-a-deeper-analysis-and-surprising-findings-aed4fee4305e), men organisasjonen virker ikke akkurat som en ihugga MAGA-gjeng. Og produktene ser veldig gode ut.
Noen tanker? Eller erfaringer med eget domene på #ProtonMail?
#epost #mail #proton
Update: And there’s a PoC from our pals at Project Discovery as a PR to Nuclei.
Fix your #RoundCube stuff at your earliest convenience, plz.
https://github.com/projectdiscovery/nuclei-templates/pull/12258
#Roundcube <= 1.6.10 Post-Auth RCE via #PHP Object Deserialization #Vulnerability
Roundcube Webmail under fire: critical exploit found after a decade – Source: securityaffairs.com https://ciso2ciso.com/roundcube-webmail-under-fire-critical-exploit-found-after-a-decade-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Roundcube #Security #hacking
Angreifer können #Roundcube Webmail mit Schadcode attackieren | Security https://www.heise.de/news/Kritische-Schadcode-Luecke-bedroht-Roundcube-Webmail-10423965.html #Patchday #RoundcubeWebmail
#RoundCube bugs are nearly always a big deal. Pay attention to this one, CVE-2025-49113. I’d be surprised if a #PoC #exploit takes longer than a day or two to surface.
It does require the attacker to have an account, but that’s sometimes a pretty low barrier to entry (depending on the site).
https://infosec.exchange/@securityaffairs/114624890006086560
#Roundcube Webmail under fire: critical exploit found after a decade
https://securityaffairs.com/178615/hacking/roundcube-webmail-under-fire-critical-exploit-found-after-a-decade.html
#securityaffairs #hacking
#Roundcube 1.5.10 (#LTS) has been released (#Webmail / #Mail / #IMAP / #SMTP / #LDAP / #Managesieve / #PHP / #MariaDB / #MySQL / #PostgreSQL / #SQLite / #OracleDB / #MSSQL / #LongTermSupport) https://roundcube.net/
#Roundcube 1.6.11 (stable) has been released (#Webmail / #Mail / #IMAP / #SMTP / #LDAP / #Managesieve / #PHP / #MariaDB / #MySQL / #PostgreSQL / #SQLite / #OracleDB / #MSSQL) https://roundcube.net/
#BSI WID-SEC-2025-1208: [NEU] [hoch] #Roundcube: Schwachstelle ermöglicht Codeausführung
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Roundcube ausnutzen, um beliebigen Programmcode auszuführen.
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1208