The attackers exploited the flaw by sending an email with Exploiting the flaw is possible by sending an email email with a command added to the "MAIL FROM:" field https://abs.twimg.com/emoji/v2/... draggable="false" alt="👇" title="Down pointing backhand index" aria-label="Emoji: Down pointing backhand index">
The script used gives the attackers complete access to compromised servers and MySQL databases

Two of the commands, base64-encoded, check running processes for Little Snitch firewall for macOS. Commands are dropped if LS is found
more tweet-size details in this thread here: https://twitter.com/BleepinComputer/status/1266024197542862849">https://twitter.com/BleepinCo...
You can follow @Ionut_Ilascu.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled: