Despite its simplicity, a phishing campaign targeting customers of the Zimbra Collaboration software suite has spread to hundreds of organizations in over a dozen countries.
Zimbra is a collaborative software suite, which includes an email server and Web client. It is a niche alternative to traditional enterprise email solutions with a small fraction of the market, according to user figures tracked by Enlyft and 6sense.
Zimbra has been beset by security incidents all year, including a remote code execution bug, a cross-site scripting zero-day, and an infostealing campaign by the nation of North Korea.