An Iranian attacker has been targeting users who have failed to patch a remote code execution vulnerability in a Microsoft browser engine to spy on Farsi-speaking victims. The same vulnerability was also recently exploited by a North Korean attacker, says South Korean security company AhnLab. The majority of victims appear to be based in the U.S., followed by the Netherlands, researchers say. The threat actors are using a new. PowerShortShell, called PowerShort Shell, to carry out the attacks on unpatched systems.”]
Source: https://www.cuinfosecurity.com/hackers-exploit-ms-browser-engine-flaw-where-unpatched-a-18003