SquirrelMail open source project's web server hacked

Filed under
Security
Web

It has just become apparent that, on June 16, attackers hacked into the web server of the SquirrelMail open source project. The operators have suspended all accounts and reset all crucial passwords. Access to the original server and to all the available plug-ins has also been disabled. The operators believe that none of the plug-ins has been compromised, but investigations are still in progress. Third party plug-ins can be used to add features to SquirrelMail.

It is currently unknown as to how the intruders hacked into the server. According to the server operators, the SquirrelMail web mailer's source code was not accessible at any time because it is located on a different server.

rest here