In the past, Zimbra servers have been targeted in high-profile attacks. For example, a Russian threat actor exploited a vulnerability in Zimbra software to monitor emails from organizations linked to NATO, governments, diplomats, and military personnel. Additionally, a zero-day vulnerability in Zimbra was abused in a separate attack, compromising hundreds of servers.
Users and organizations are advised to remain vigilant against phishing attempts, keep software up to date, and follow best practices for email security to protect against such threats.
