Since May 2026, Proofpoint Threat Research has been tracking a suspected China-aligned cluster dubbed UNK_MassTraction that is exploiting n-day flaws in Roundcube webmail to compromise physics and engineering departments at U.S. and Canadian universities. The operators use a two-stage browser-to-server infection chain that begins with a Cross-Site Scripting (XSS) exploit against CVE-2024-42009 to execute JavaScript […]
The post China-Aligned UNK_MassTraction Exploits Roundcube Servers to Target Universities appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Mayura Kathir
Source: gbHackers
Source Link: https://gbhackers.com/china-aligned-unk_masstraction-exploits-roundcube-servers-to-target-universities/