A week in security (December 28 – January 3)

First off we would like to wish all our readers a happy and secure 2021! Last week on Malwarebytes Labs we presented an overview of developments in the SearchDimension hijackers, we looked at the most enticing cyberattacks of 2020, and we also looked back at the strangest cybersecurity events of...

Google AOSP Email for Android开放重定向漏洞

The Google AOSP Email App is vulnerable to HTML Injection on the email body. It allows a remote attacker to be able to send a crafted email with a payload that redirects the user to a target url as soon as he opens the email. This issue is not related with the email provider configured on the app...