CISA has urged organizations to patch a recent Zimbra credential theft vulnerability after reports of exploitation in the wild.