Firefox 0 day exploits
Hacker news reports of a story about two new firefox 0 day exploits.
- CVE-2022-26485 – Removing an XSLT parameter during processing could lead to an exploitable use-after-free
- CVE-2022-26486 – An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape
New Emotet spam starts hitting mailboxes worldwide.
Bleeping computers is reporting that Emotet has resurfaced and is hitting mailboxes worldwide. Emotet malware can download payloads, like TrickBot and QBot trojans, Can search to steal emails, and spread to other computers.
More information can be found: