A zero-day security vulnerability is being actively exploited in attacks targeting European media and government organizations. Zimbra is an email and collaboration platform that also includes instant messaging, contacts, video conferencing, file sharing, and cloud storage capabilities. Volexity says that, so far, it has observed only a single, previously unknown threat actor, which it tracks as TEMP_Heretic (believed to be Chinese), exploiting the vulnerability in spear-phishing campaigns to steal emails. The vulnerability can also enable attackers to perform other malicious actions “in the context of the user’s Zimbra webmail session.”

