Researchers warn businesses to be prepared for potential widespread attacks using the Double Kill exploit code. The code was posted online three days ago and has now been discovered incorporated into the RIG Exploit Kit and ThreadKit crimeware packages. Double Kill is a Windows VBScript Engine Remote Code Execution Vulnerability, independently discovered by researchers at Kaspersky Lab and Chinese security firm Qihoo360 Core. Microsoft also confirmed attackers were also exploiting CVE-2018-8120, a privilege escalation vulnerability that could allow attackers to gain control over a system.”]
Source: https://www.darkreading.com/analytics/windows-double-kill-attack-code-found-in-rig-exploit-kit