Hi,

Today a customer informed us that their install of Zimbra fell
victim to CVE-2019-9670, a remote code execution vulnerability
disclosed in March of this year:

https://blog.tint0.com/2019/03/a-saga-of-code-executions-on-zimbra.html
https://lorenzo.mile.si/zimbra-cve-2019-9670-being-actively-exploited-how-t…

Since some time in April the attacker had used their VPS as a
cryptocurrency miner, using two cores of the BitFolk host's Xeon
E5-1680v4 at 100% each.

If you run Zimbra and haven't patched this vulnerability you should
check that you haven't been compromised, as automated scanning and
compromise has been taking place for over a month now.

If you discover compromise you will probably need to reinstall.

About this email:

https://tools.bitfolk.com/wiki/Security_incident_postings

Cheers,
Andy

--
https://bitfolk.com/ -- No-nonsense VPS hosting