North Korean actors 🇰🇵 are targeting security researchers again including use of at least one 0-day. IOCs in the blog ⬇️ If you've been in contact, please reach out
@wdormann
@attritionorg
@maddiestone
@5aelo
RCE discovered in the wild targeting Chrome on Android. We haven't recovered the whole exploit chain but the RCE was highly likely followed by SBX+LPE. No calc :-)
@ItsReallyNick
@cglyer
We might have a similar rule, heh. Hopefully one day we will be able to release more details about these exploits. Qihoo might release details for this one?