Recently, attackers have been leveraging a critical vulnerability in Zimbra by using cc'd email addresses to launch their attacks, as highlighted by Proofpoint US. This method allows attackers to exploit the vulnerability without directly targeting the victim's primary email, potentially bypassing traditional security measures. By utilizing cc'd emails, the attackers can increase the chances of their malicious payload successfully infiltrating the target's system, emphasizing the importance of staying vigilant and implementing robust cybersecurity measures to mitigate such risks posed by exploiting vulnerabilities
```https://www.proofpoint.com/us/newsroom/news/attackers-exploit-critical-zimbra-vulnerability-using-ccd-email-addresses