It has been observed by Proofpoint researchers that TA473, a newly minted APT actor, abuses publicly facing Zimbra-hosted webmail portals by exploiting a vulnerability found in Zimbra, which has been tracked as CVE-2022-27926.
The sole goal of this activity is to gain unauthorized access to the following organizations that are involved in the Russia-Ukrainian War:-
https://cybersecuritynews.com/hackers-e ... erability/