A German security researcher has discovered a group of vulnerabilities in various email clients, collectively dubbed Mailsploit, which allow an attacker to spoof email sender identities without being picked up by DMARC. Mailsploit also allows the bad guys to launch cross-site scripting (XSS) and code-injection attacks. According to Sabri Haddouche, the bombshell issue is that […]