The cost of zero-day exploits has always been high, especially if they allow an attacker to remotely execute code on a host machine. But why pay hundreds of thousands of dollars for a 0-day when a relatively simple drive-by attack doesn’t need one and can achieve much the same result? That’s what interested an Imperva security researcher who has published a report on new drive-by attack using something called the Evil Code Editor. Here’s what you need to know.
“A remote code execution chain i
