https://protonmail.ch/blog/protonmail-security-contributors/
https://protonmail.ch/blog/protonmail-security-contributors/
https://www.meldium.com/security
Recently I saw an awesome research by Ange Albertini in abusing a GIF file and injecting JS inside. You can download his code from here The following code is a custom made gif , yet abused by our JS payload.
(more…)