The AhnLab Security Intelligence Center and NCSC discovered a zero-day vulnerability in Windows exploited by ScarCruft to deliver RokRAT malware via 'toast' ads, requiring user interaction.
'Toast' ads in Korea refer to pop-up notifications that appear at the bottom of the PC screen. ScarCruft exploited a specific toast program to deliver malware.
The vulnerability, CVE-2024-38178, allows for remote code execution in Edge's Internet Explorer Mode. Exploitation necessitates user engagement through a crafted link.
Operation Code on Toast has been launched to address the exploitation of the memory corruption flaw, emphasizing the need for user awareness against such attacks.
Collection
[
|
...
]