🐛 Malvertising : ScamClub

Not only it exploits zero-day (CVE-2021–1801) to bypass the WebKit sandbox, but also abuses Amazon S3 to deliver the JS payload.

#SCAMS #BROWSER #ZERODAY #WEBKIT #EXPLOIT #JAVASCRIPT #SANDBOX #VULNERABILITY #CYBER #DIGITAL #THREATS #BROWSERS #PAYLOAD #WWW #INFORMATIQUE #WORMABLE #EXPLOITS #MALVERTISING #INCIDENTS

https://blog.confiant.com/malvertising-attack-hijacks-300-million-sessions-over-48-hours-9d0218fe02cd