Signal

China-aligned hackers exploit Roundcube vulnerabilities to target US and Canadian universities

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-07-07 09:00 UTCUpdated 2026-07-07 10:28 UTC
rss
cveexploitsbreachesthreat_actorsincident_response
Trend in the last 24h
Source links open
Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.
No card needed for the free brief.
Evidence trail (top sources)
top sources (3 domains)domains are deduped. counts indicate coverage, not truth.
3 top sources shown
Overview

A China-aligned espionage group has been exploiting critical, now-patched vulnerabilities in the open-source Roundcube webmail software to infiltrate physics and engineering departments at US and Canadian universities.

Score total
1.35
Momentum 24h
3
Posts
3
Origins
3
Source types
1
Duplicate ratio
0%
Why now
  • Campaign activity observed since May 2026 and still ongoing.
  • Many victims likely remain unaware of compromise, increasing risk.
  • Recent public disclosures of patched Roundcube vulnerabilities enable detection and mitigation.
Why it matters
  • Targets sensitive academic research linked to national security and advanced physics.
  • Exploits critical vulnerabilities in widely used open-source email software.
  • Highlights ongoing stealthy espionage campaigns against educational institutions.
LLM analysis
Topic mix: lowPromo risk: lowSource quality: high
Recurring claims
  • China-aligned hackers exploited critical Roundcube vulnerabilities CVE-2024-42009 and CVE-2025-49113 to steal credentials and deploy malware in university networks.
How sources frame it
  • Proofpoint Researchers: neutral
Consolidated multiple reports into a concise narrative emphasizing the espionage campaign's technical details and impact on academia.
All evidence
All evidence
Chinese Cyberespionage Exploits University Roundcube Servers
BankInfoSecurity · bankinfosecurity.com · 2026-07-07 10:28 UTC
Suspected China-Aligned Hackers Exploit Roundcube Flaws Against Universities
thehackernews · thehackernews.com · 2026-07-07 09:10 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 3Origin domains: 3Duplicates: -
Showing 3 / 0
Top publishers (this list)
  • BankInfoSecurity (1)
  • thehackernews (1)
  • CyberScoop (1)
Top origin domains (this list)
  • bankinfosecurity.com (1)
  • thehackernews.com (1)
  • cyberscoop.com (1)