Zimbra auth bypass bug exploited to breach over 1,000 servers