Phishing campaign uses UPS.com XSS vuln to distribute malware

bleepingcomputer.com - A clever UPS phishing campaign utilized an XSS vulnerability in UPS.com to push fake and malicious 'Invoice' Word documents.

Tweeted by @DarthSn3ak3rs https://twitter.com/DarthSn3ak3rs/status/1429918036560158726