The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has discovered a new backdoor malware named 'Whirlpool' used in attacks on compromised Barracuda Email Security Gateway (ESG) devices.
CISA: 'Whirlpool' Backdoor Sends Barracuda ESG Security Down the Drain
ZeroFox
Barracuda Urges Replacing — Not Patching — Its Email Security Gateways – Krebs on Security
Barracuda ESG users told to throw away their hardware
Critical Flaw in Dell Compellent Integration Tools Exposes VMware vCenter Admin Credentials
Another Barracuda ESG zero-day flaw exploited in the wild
Threat Simulator: June 2023 Update
UNC4841 threat actors hacked US government email servers exploiting Barracuda ESG flaw
Barracuda Email Security Gateway 400 Vx Virtual Appliance