<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 10 Jul 2026 08:15:24 +0000</lastBuildDate>
    <item>
      <title>f98b96d0-7d3e-43bb-aab8-347980fd70d3</title>
      <link>https://vulnerability.circl.lu/sighting/f98b96d0-7d3e-43bb-aab8-347980fd70d3/export</link>
      <description>{"uuid": "f98b96d0-7d3e-43bb-aab8-347980fd70d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-49113", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mq6okgtfd72w", "content": "\ud83d\udcf0 Hacker Diduga Berafiliasi dengan China Eksploitasi Celah Roundcube untuk Memata-matai Peneliti Akademik\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/07/09/hacker-eksploitasi-kerentanan-roundcube-peneliti-akademik/\n\n#backdoor #china #cve #cve-2024-42009 #cve-2025-49113 #cyberse", "creation_timestamp": "2026-07-09T03:22:05.226424Z"}</description>
      <content:encoded>{"uuid": "f98b96d0-7d3e-43bb-aab8-347980fd70d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-49113", "type": "seen", "source": "https://bsky.app/profile/ahmandonk.bsky.social/post/3mq6okgtfd72w", "content": "\ud83d\udcf0 Hacker Diduga Berafiliasi dengan China Eksploitasi Celah Roundcube untuk Memata-matai Peneliti Akademik\n\n\ud83d\udc49 Baca artikel lengkap di sini: https://ahmandonk.com/2026/07/09/hacker-eksploitasi-kerentanan-roundcube-peneliti-akademik/\n\n#backdoor #china #cve #cve-2024-42009 #cve-2025-49113 #cyberse", "creation_timestamp": "2026-07-09T03:22:05.226424Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f98b96d0-7d3e-43bb-aab8-347980fd70d3/export</guid>
      <pubDate>Thu, 09 Jul 2026 03:22:05 +0000</pubDate>
    </item>
    <item>
      <title>d04fece6-908c-4d7a-8591-0e0c33ccf56c</title>
      <link>https://vulnerability.circl.lu/sighting/d04fece6-908c-4d7a-8591-0e0c33ccf56c/export</link>
      <description>{"uuid": "d04fece6-908c-4d7a-8591-0e0c33ccf56c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mq4rf27sjl2v", "content": "China-aligned attackers exploited vulnerabilities in Roundcube to infiltrate U.S. and Canadian universities, targeting physics and engineering departments. The campaign, tracked as UNK_MassTraction, utilized CVE-2024-42009 and CVE-2025-49113 to gain access.", "creation_timestamp": "2026-07-08T09:07:26.149351Z"}</description>
      <content:encoded>{"uuid": "d04fece6-908c-4d7a-8591-0e0c33ccf56c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mq4rf27sjl2v", "content": "China-aligned attackers exploited vulnerabilities in Roundcube to infiltrate U.S. and Canadian universities, targeting physics and engineering departments. The campaign, tracked as UNK_MassTraction, utilized CVE-2024-42009 and CVE-2025-49113 to gain access.", "creation_timestamp": "2026-07-08T09:07:26.149351Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/d04fece6-908c-4d7a-8591-0e0c33ccf56c/export</guid>
      <pubDate>Wed, 08 Jul 2026 09:07:26 +0000</pubDate>
    </item>
    <item>
      <title>eb16d339-fd1e-4390-9752-48ef6b6c522d</title>
      <link>https://vulnerability.circl.lu/sighting/eb16d339-fd1e-4390-9752-48ef6b6c522d/export</link>
      <description>{"uuid": "eb16d339-fd1e-4390-9752-48ef6b6c522d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "seen", "source": "https://threatintel.cc/2026/07/07/072643.html", "content": "Chinese Cyberespionage Exploits University Roundcube Servers\n\nThe nation-state actor UNK_MassTraction is targeting university departments via Roundcube mailserver vulnerabilities to deploy malware and steal credentials. By chaining CVE-2024-42009 and CVE-2025-49113, the attackers gain unauthorized access and persistence within targeted networks.", "creation_timestamp": "2026-07-08T01:01:06.542164Z"}</description>
      <content:encoded>{"uuid": "eb16d339-fd1e-4390-9752-48ef6b6c522d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "seen", "source": "https://threatintel.cc/2026/07/07/072643.html", "content": "Chinese Cyberespionage Exploits University Roundcube Servers\n\nThe nation-state actor UNK_MassTraction is targeting university departments via Roundcube mailserver vulnerabilities to deploy malware and steal credentials. By chaining CVE-2024-42009 and CVE-2025-49113, the attackers gain unauthorized access and persistence within targeted networks.", "creation_timestamp": "2026-07-08T01:01:06.542164Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/eb16d339-fd1e-4390-9752-48ef6b6c522d/export</guid>
      <pubDate>Wed, 08 Jul 2026 01:01:06 +0000</pubDate>
    </item>
    <item>
      <title>54b2edab-8deb-459f-ba04-1dbb273de356</title>
      <link>https://vulnerability.circl.lu/sighting/54b2edab-8deb-459f-ba04-1dbb273de356/export</link>
      <description>{"uuid": "54b2edab-8deb-459f-ba04-1dbb273de356", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "seen", "source": "https://bsky.app/profile/captechgroup.com/post/3mq37nvil4c2b", "content": "China-aligned group targeting university Roundcube servers via XSS phishing, then pivoting to in-memory backdoors for network access. CVE-2024-42009 and CVE-2025-49113 chain. Physics and engineering departments in scope. #infosec #cybersecurity", "creation_timestamp": "2026-07-07T18:17:36.458045Z"}</description>
      <content:encoded>{"uuid": "54b2edab-8deb-459f-ba04-1dbb273de356", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "seen", "source": "https://bsky.app/profile/captechgroup.com/post/3mq37nvil4c2b", "content": "China-aligned group targeting university Roundcube servers via XSS phishing, then pivoting to in-memory backdoors for network access. CVE-2024-42009 and CVE-2025-49113 chain. Physics and engineering departments in scope. #infosec #cybersecurity", "creation_timestamp": "2026-07-07T18:17:36.458045Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/54b2edab-8deb-459f-ba04-1dbb273de356/export</guid>
      <pubDate>Tue, 07 Jul 2026 18:17:36 +0000</pubDate>
    </item>
    <item>
      <title>9ca61bed-6c2a-4b40-b513-aedd82ad4535</title>
      <link>https://vulnerability.circl.lu/sighting/9ca61bed-6c2a-4b40-b513-aedd82ad4535/export</link>
      <description>{"uuid": "9ca61bed-6c2a-4b40-b513-aedd82ad4535", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "seen", "source": "https://threatintel.cc/2026/07/07/072643.html", "content": "Chinese Cyberespionage Exploits University Roundcube Servers\n\nThe nation-state actor UNK_MassTraction is targeting university departments via Roundcube mailserver vulnerabilities to deploy malware and steal credentials. By chaining CVE-2024-42009 and CVE-2025-49113, the attackers gain unauthorized access and persistence within targeted networks.", "creation_timestamp": "2026-07-07T16:00:45.817547Z"}</description>
      <content:encoded>{"uuid": "9ca61bed-6c2a-4b40-b513-aedd82ad4535", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "seen", "source": "https://threatintel.cc/2026/07/07/072643.html", "content": "Chinese Cyberespionage Exploits University Roundcube Servers\n\nThe nation-state actor UNK_MassTraction is targeting university departments via Roundcube mailserver vulnerabilities to deploy malware and steal credentials. By chaining CVE-2024-42009 and CVE-2025-49113, the attackers gain unauthorized access and persistence within targeted networks.", "creation_timestamp": "2026-07-07T16:00:45.817547Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9ca61bed-6c2a-4b40-b513-aedd82ad4535/export</guid>
      <pubDate>Tue, 07 Jul 2026 16:00:45 +0000</pubDate>
    </item>
    <item>
      <title>80374a8a-7869-4b79-9393-999680d2405e</title>
      <link>https://vulnerability.circl.lu/sighting/80374a8a-7869-4b79-9393-999680d2405e/export</link>
      <description>{"uuid": "80374a8a-7869-4b79-9393-999680d2405e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/116878448734187190", "content": "The nation-state actor UNK_MassTraction is targeting university departments via Roundcube mailserver vulnerabilities to deploy malware and steal credentials. By chaining CVE-2024-42009 and CVE-2025-49113, the attackers gain unauthorized access and persistence within targeted networks.https://www.bankinfosecurity.com/chinese-cyberespionage-exploits-university-roundcube-servers-a-32165", "creation_timestamp": "2026-07-07T11:26:35.652375Z"}</description>
      <content:encoded>{"uuid": "80374a8a-7869-4b79-9393-999680d2405e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/116878448734187190", "content": "The nation-state actor UNK_MassTraction is targeting university departments via Roundcube mailserver vulnerabilities to deploy malware and steal credentials. By chaining CVE-2024-42009 and CVE-2025-49113, the attackers gain unauthorized access and persistence within targeted networks.https://www.bankinfosecurity.com/chinese-cyberespionage-exploits-university-roundcube-servers-a-32165", "creation_timestamp": "2026-07-07T11:26:35.652375Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/80374a8a-7869-4b79-9393-999680d2405e/export</guid>
      <pubDate>Tue, 07 Jul 2026 11:26:35 +0000</pubDate>
    </item>
    <item>
      <title>74b952bb-68f5-4c6b-8c18-6b8d3ffc2040</title>
      <link>https://vulnerability.circl.lu/sighting/74b952bb-68f5-4c6b-8c18-6b8d3ffc2040/export</link>
      <description>{"uuid": "74b952bb-68f5-4c6b-8c18-6b8d3ffc2040", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/244b79b9-47c6-4547-b77d-769b1b9b8d01", "content": "", "creation_timestamp": "2026-06-23T14:03:42.868455Z"}</description>
      <content:encoded>{"uuid": "74b952bb-68f5-4c6b-8c18-6b8d3ffc2040", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/244b79b9-47c6-4547-b77d-769b1b9b8d01", "content": "", "creation_timestamp": "2026-06-23T14:03:42.868455Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/74b952bb-68f5-4c6b-8c18-6b8d3ffc2040/export</guid>
      <pubDate>Tue, 23 Jun 2026 14:03:42 +0000</pubDate>
    </item>
    <item>
      <title>43121375-044d-4d1e-8601-71d6dfd11d6e</title>
      <link>https://vulnerability.circl.lu/sighting/43121375-044d-4d1e-8601-71d6dfd11d6e/export</link>
      <description>{"uuid": "43121375-044d-4d1e-8601-71d6dfd11d6e", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3dd8d897-e33d-4f28-b31f-9df8c660a1dc", "content": "", "creation_timestamp": "2026-06-19T12:45:16.135289Z"}</description>
      <content:encoded>{"uuid": "43121375-044d-4d1e-8601-71d6dfd11d6e", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/3dd8d897-e33d-4f28-b31f-9df8c660a1dc", "content": "", "creation_timestamp": "2026-06-19T12:45:16.135289Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/43121375-044d-4d1e-8601-71d6dfd11d6e/export</guid>
      <pubDate>Fri, 19 Jun 2026 12:45:16 +0000</pubDate>
    </item>
    <item>
      <title>a552f821-1589-45a0-9eb8-0c12ec5f7b27</title>
      <link>https://vulnerability.circl.lu/sighting/a552f821-1589-45a0-9eb8-0c12ec5f7b27/export</link>
      <description>{"uuid": "a552f821-1589-45a0-9eb8-0c12ec5f7b27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "seen", "source": "Telegram/yG0q3IpDztUHkWGWcBfSkFN1RblCcRFZP5pQldEwVfp_P8g", "content": "", "creation_timestamp": "2026-04-16T09:00:04.000000Z"}</description>
      <content:encoded>{"uuid": "a552f821-1589-45a0-9eb8-0c12ec5f7b27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "seen", "source": "Telegram/yG0q3IpDztUHkWGWcBfSkFN1RblCcRFZP5pQldEwVfp_P8g", "content": "", "creation_timestamp": "2026-04-16T09:00:04.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a552f821-1589-45a0-9eb8-0c12ec5f7b27/export</guid>
      <pubDate>Thu, 16 Apr 2026 09:00:04 +0000</pubDate>
    </item>
    <item>
      <title>b11b1adb-bf35-4fdf-9823-18ba9012e588</title>
      <link>https://vulnerability.circl.lu/sighting/b11b1adb-bf35-4fdf-9823-18ba9012e588/export</link>
      <description>{"uuid": "b11b1adb-bf35-4fdf-9823-18ba9012e588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "published-proof-of-concept", "source": "Telegram/S964UnaAzc4FW7CZCUbAm7wNqkztcWapRmtGqRf9U9sXCaA", "content": "", "creation_timestamp": "2026-04-12T03:00:07.000000Z"}</description>
      <content:encoded>{"uuid": "b11b1adb-bf35-4fdf-9823-18ba9012e588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49113", "type": "published-proof-of-concept", "source": "Telegram/S964UnaAzc4FW7CZCUbAm7wNqkztcWapRmtGqRf9U9sXCaA", "content": "", "creation_timestamp": "2026-04-12T03:00:07.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b11b1adb-bf35-4fdf-9823-18ba9012e588/export</guid>
      <pubDate>Sun, 12 Apr 2026 03:00:07 +0000</pubDate>
    </item>
  </channel>
</rss>
