Google Links Exploitation Frameworks to Spanish Spyware Vendor Variston

malware

AI generated Image

While the exploits delivered by the Heliconia frameworks are now patched, they were all likely used as zero-days before Google, Mozilla and Microsoft learned of their existence and released fixes. Google says it can be used to deliver a Chrome renderer exploit, followed by a sandbox escape and agent installation in the post-exploitation stage. The Firefox remote code execution flaw, for instance, is believed to have been exploited by the Variston product since at least 2019.

Source read time: 2 min - securityweek.com

Also offered in: Nederlands

More news for you