It was recently discovered that the SquirrelMail webserver had
been compromised. The project administrators took immediate
action to mitigate any futher compromises, locking all accounts
out, and resetting critical passwords.
At this time, the SquirrelMail project administrators have shut
down access to the original server, and put a temporary hold on
access to the plugins. It is believed that none of the plugins
have been compromised, but further investigations are still
The compromise of this server does not include a compromise of
the source control, which is hosted on a separate repository
managed by SourceForge.
Further details will be published as soon as the details have