A suspected Chinese espionage group is breaking into university email systems in the United States and Canada by exploiting a vulnerability in Roundcube, according to reporting by The Next Web and The Register. Security firm Proofpoint attributes the activity to a cluster it tracks as UNK_MassTraction and says the campaign has been active since at least May. Proofpoint reports that the intrusions focus on university mail servers and involve stealing access credentials from staff, including people in physics, engineering, and national security research areas. Both outlets describe Proofpoint’s findings as indicating the attackers use the compromised email environments to support credential theft and access. The Register adds that a Proofpoint researcher estimates the total number of targeted organizations would be in the “few dozen” range. The reporting describes this as an ongoing compromise campaign rather than a one-off incident, and it highlights Roundcube as the entry point attackers leverage to gain unauthorized access. The sources emphasize the suspected espionage links and do not describe any specific public-facing service disruption.
Suspected Chinese espionage group targets university email servers via Roundcube vulnerability
A suspected Chinese espionage group is breaking into university email systems in the United States and Canada by exploiting a vulnerability in Roundcube, according to reporting by The Next Web and The...
- Proofpoint attributes the activity to a suspected Chinese espionage campaign it tracks as UNK_MassTraction.
- The attackers compromise university email systems using a flaw in Roundcube.
- The campaign targets universities in the United States and Canada.
- Proofpoint reports credential theft from university staff, including staff in physics, engineering, and national security research.
- A Proofpoint researcher estimates the total number of targets is in the “few dozen” range.
A suspected Chinese espionage group has been breaking into university mail servers across the United States and Canada. It has stolen credentials from staff in physics, engineering, and national security research. Security firm Proofpoint disclosed the campaign this week, tracking the crew as UNK_MassTraction and dating it to at least May. The Register reported further […] This story continues at The Next Web
2 hours agoProofpoint researcher tells The Reg: 'We estimate the total volume of targets would be a few dozen'
18 hours agoFrench competition authority probe into Nvidia nears conclusion
French competition authorities are nearing the end of an investigation into Nvidia, according to reports citing the prob...
Allianz Partners plans to cut up to 1,800 jobs as it expands AI use
Allianz is preparing to reduce jobs at its assistance and travel insurance unit, Allianz Partners, as the company increa...
Anthropic, OpenAI and SpaceX IPOs could surpass two decades of US venture exits
Multiple outlets report that three upcoming or discussed initial public offerings—linked to Anthropic, OpenAI, and Space...