In Operation RoundPress, the compromise vector is a spearphishing email leveraging an XSS vulnerability to inject malicious JavaScript code into the victim’s webmail page
First seen on infosecurity-magazine.com
Jump to article: www.infosecurity-magazine.com/news/fancy-bear-russia-cyber-espionage/
