Security concerns - Uncovering an APT28 Roundcube Toolkit

[dutterman]

Hello,

I'm running RC since probably a decade and really happy with the UI. But I wonder what I can do to increase security.
After reading: https://hunt.io/blog/operation-roundish-apt28-roundcube-exploitation it seems that even using the 2-factor authentication plugin, the webapp is vulnerable to exploits.

Is there any guidance on how to increase security to mitigate these risks?