An employee from the accounting department logs in to the website used for processing the company's payments. After logging in, a new desktop application automatically downloads on the employee's computer and causes the computer to restart. Which of the following attacks has occurred?

Cross-Site Scripting (XSS) involves injecting malicious scripts into web pages that are viewed by other users. While it can compromise the security of users, XSS typically does not lead to automatic downloads or restarts of a user's computer. Instead, it often aims to steal information or manipulate user sessions without altering the user's system directly.

Typosquatting involves creating a malicious website with a URL that is a common misspelling of a legitimate site. Although it can trick users into visiting, it does not inherently involve automatic downloads or restarts. The attack relies on user error, rather than exploiting a trusted site that the users typically access.

A buffer overflow attack occurs when more data is written to a block of memory, or buffer, than it can hold, potentially allowing malicious code to execute. While this can lead to system crashes or breaches, it doesn't correlate with the scenario of a direct download upon logging in, as described in the question.