wiredmikey writes "The popular Blackhole exploit kit, assumed to be created and maintained by an individual going by the online moniker of “Paunch" who continuously updates the browser exploit software, looks like it has just received another upgrade.
Moreover, the kit’s recent upgrade also added a new attack. According to Sophos, sometime in early June Blackhole was updated to include an attack that targets a flaw in Microsoft’s XML Core Services, which remains unpatched.
Unfortunately, the changes prove once again that the criminal economy online is alive and well. Ironically, the work Paunch is doing possibly isn’t technically illegal in and of itself, as he’s simply writing software that others then buy or rent to actually hack victims’ computers and steal from them"
Link to Original Source