Security firm Barracuda Networks disclosed a zero-day vulnerability in its popular email client that hackers exploited for eight months before it was discovered and patched. The patch rolled out 11 days ago, and Barracuda notified customers about the flaw via its Email Security Gateway (ESG), providing mitigation measures.