Browser Security

CISA Adds Actively Exploited Roundcube Flaws to KEV Catalog

Nishant Sharma

22 Feb 2026 — 1 min read

This newsletter is AI generated and may hallucinate sometimes 😊

CISA Adds Actively Exploited Roundcube Webmail Flaws to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two actively exploited vulnerabilities in Roundcube webmail, CVE-2023-5631 and CVE-2023-5632, to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation.
CVE-2023-5631 is a cross-site scripting (XSS) vulnerability that could allow remote code execution (RCE) in specific environments, triggered by crafting a malicious SVG image or sending an email with a specially crafted link.
These flaws impact Roundcube versions 1.6.x before 1.6.6, 1.5.x before 1.5.6, and 1.4.x before 1.4.14, with CISA mandating federal agencies to patch these vulnerabilities by March 4, 2026.

Source: The Hacker News | Date: February 12, 2026

References

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog - The Hacker News
U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog - Security Affairs
CISA Adds Two Known Exploited Vulnerabilities to Catalog - CISA
CVE-2023-5631 Entry - NVD/MITRE
CVE-2023-5632 Entry - NVD/MITRE

Read more

Chrome Emergency Patch, Phishing Services, and Browser-Related Flaws

This newsletter is AI generated and may hallucinate sometimes 😊 ‘Starkiller’ Phishing Service Proxies Real Login Pages and MFA * Starkiller is a new phishing-as-a-service (PhaaS) platform that leverages sophisticated reverse proxy technology to intercept login credentials and bypass multi-factor authentication (MFA). * Operating since early 2026, the service targets high-value corporate accounts

Urgent Chrome Patch: Google Fixes High-Severity PDF and V8 Engine Flaws

This newsletter is AI generated and may hallucinate sometimes 😊 * Google has released an urgent security update for Chrome, addressing several high-severity vulnerabilities, including flaws in the PDFium library and the V8 JavaScript engine. * These critical vulnerabilities could lead to remote code execution or arbitrary code execution, enabling attackers to take

Chromium Zero-Day & VS Code Extension Flaws: Urgent Security Bulletin

This newsletter is AI generated and may hallucinate sometimes 😊 Job scam uses fake Google Forms site to harvest Google logins * Phishing campaign targets job seekers with highly convincing fake Google Forms. * Scammers use domain impersonation, like forms.google.ss-o[.]com, to trick users. * Submitting fake forms redirects to credential-harvesting pages,

Firefox RCE Vulnerability Fixed

This newsletter is AI generated and may hallucinate sometimes 😊 Koi to join Palo Alto Networks: A Defining Moment * Autonomous AI agents emerge as persistent actors with privileged access on evolving software endpoints. * Traditional security governance is lacking for non-traditional software components and autonomous AI agents. * New security paradigms are critically