Dossier
U.S. and Canadian universities
Coverage of U.S. and Canadian universities in the Nexus archive.
- Suspected Chinese espionage group used a Roundcube exploit chain to burrow into universities
China-aligned attackers exploited Roundcube vulnerabilities to breach U.S. and Canadian university networks, targeting physics and engineering departments to steal data and establish persistent access. The campaign, linked to the UNK_MassTraction cluster, used CVE-2024-42009 and CVE-2025-49113 to execute JavaScript and gain mailserver access via phishing emails.