New RomCom attacks involve Windows, Firefox zero-day exploits

Intrusions exploiting a Firefox animation timeline use-after-free vulnerability, tracked as CVE-2024-9680, and a Windows Task Scheduler privilege escalation bug, tracked as CVE-2024-49039 both of which are zero-days have been deployed by Russian threat operation RomCom, also known as Tropical Scorpius, Storm-0978, and UNC2596, against North America and Europe as part of a sweeping attack campaign, BleepingComputer reports.SCM feed for Endpoint/Device SecurityRead More