Post #8456

⚠️ A 9.9-rated Roundcube RCE flaw is now on CISA’s KEV list after confirmed active exploitation. Researchers say attackers diffed and weaponized the bug within 48 hours. An exploit was reportedly offered for sale in June 2025. The issue lived in the code for more than 10 years. A second XSS flaw is also being abused. 🔗 Read → https://thehackernews.com/2026/02/cisa-adds-two-actively-exploited.html