Phishing campaign uses UPS.com XSS vulnerability to distribute malware
The vulnerability allowed the threat actor to distribute a malicious document through a remote Cloudflare worker but make it look like it was being downloaded directly from UPS.com.
