U.S. federal networks were reported by the Cybersecurity and Infrastructure Security Agency to have had their Barracuda Email Security Gateway compromised with the novel Submarine malware, also known as DepthCharge, in attacks by suspected China-linked threat operation UNC4841 involving the exploitation of a remote command injection vulnerability, tracked as CVE-2023-2868, in May, according to BleepingComputer.
Article Link: Hacked Barracuda ESGs impacted by novel Submarine malware | SC Media