Hackers are actively exploiting CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows remote execution.

Spies hack high-value mail servers using an exploit from yesteryear Attacks spilled contacts and emails from targeted accounts.

Unlike many of its predecessors, Akira distinguishes itself by utilizing a zero-day exploit within SonicWall VPNs, raising the stakes for organizations relying on these widely trusted solutions.