“Researchers at the Google’s Project Zero security research team have found a brutal hole in FireEye kit that allows attackers to lay waste to corporate networks with a single email.
The flaw, dubbed ‘666’ from its Project Zero vulnerability number, is a passive monitoring hole that respected hacker Tavis Ormandy describes as a ‘nightmare scenario’.”
Source: FireEye flamed: single email allows total network access • The Register