WeLiveSecurity

Sednit abuses XSS flaws to hit gov't entities, defense companies

ESET researchers have discovered a cyberespionage operation that abuses cross-site scripting (XSS) vulnerabilities, including a zero-day XSS flaw in MDaemon webmail software, to steal confidential ...