A suspected Chinese espionage group is breaking into university email systems in the United States and Canada by exploiting a vulnerability in Roundcube, according to reporting by The Next Web and The Register. Security firm Proofpoint attributes the activity to a cluster it tracks as UNK_MassTraction and says the campaign has been active since at least May. Proofpoint reports that the intrusions focus on university mail servers and involve stealing access credentials from staff, including people in physics, engineering, and national security research areas. Both outlets describe Proofpoint’s findings as indicating the attackers use the compromised email environments to support credential theft and access. The Register adds that a Proofpoint researcher estimates the total number of targeted organizations would be in the “few dozen” range. The reporting describes this as an ongoing compromise campaign rather than a one-off incident, and it highlights Roundcube as the entry point attackers leverage to gain unauthorized access. The sources emphasize the suspected espionage links and do not describe any specific public-facing service disruption.