Proofpoint says UNK_MassTraction exploited patched Roundcube flaws to target U.S. and Canadian university mail servers.
Securonix uncovers the Veil#Drop malware framework, which abuses compromised websites and Google Blogspot to deploy the PureLog information stealer.