n March 2025, Kaspersky detected a wave of infections that occurred when users clicked on personalized phishing links sent via email. No further action was required to initiate the infection; simply visiting the malicious website using Google Chrome or another Chromium-based web browser was enough.
The malicious links were personalized and extremely short-lived to avoid detection. However, Kaspersky’s technologies successfully identified a sophisticated zero-day exploit that was used to escape Google Chrome’s sandbox. After conducting a quick analysis, we reported the vulnerability to the Google security team, who fixed it as as CVE-2025-2783.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Trickbot cybercrime group linked to new Diavol ransomware
July 1, 2021
FortiGuard Labs security researchers have linked a new ransomware strain dubbed Diavol to Wizard Spider, the cybercrime group behind the Trickbot botnet. Diavol and Conti ransomware payloads were deployed on different systems in a ransomware attack blocked by the company’s EDR solution in early June 2021. The two ransomware families’ samples are cut from the same cloth, ...
- Detecting unknown threats: a honeypot how-to
June 30, 2021
Catching threats is tricky business, especially in today’s threat landscape. To tackle this problem, for many years сybersecurity researchers have been using honeypots – a well-known deception technique in the industry. Dan Demeter, Senior Security Researcher with Kaspersky’s Global Research and Analysis Team and head of Kaspersky’s honeypot project, explains what honeypots are, why they ...
- Cobalt Strike Usage Explodes Among Cybercrooks
June 29, 2021
The use of Cobalt Strike – the legitimate, commercially available tool used by network penetration testers – by cybercrooks has shot through the roof, according to Proofpoint researchers, who say that the tool has now “gone fully mainstream in the crimeware world.” The researchers have tracked a year-over-year increase of 161 percent in the number of ...
- Russian hackers had months-long access to Denmark’s central bank
June 29, 2021
Russian state hackers compromised Denmark’s central bank (Danmarks Nationalbank) and planted malware that gave them access to the network for more than half a year without being detected. The breach was part of the SolarWinds cyber espionage campaign last year that the U.S. attributed to the Russian Foreign Intelligence Service, the SVR, through its hacking division ...
- New ransomware highlights widespread adoption of Golang language by cyberattackers
June 29, 2021
A new ransomware strain that utilizes Golang highlights the programming language’s increasing adoption by threat actors. CrowdStrike secured a sample of a new ransomware variant, as of yet unnamed, that borrows features from HelloKitty/DeathRansom and FiveHands. These ransomware strains are thought to have been active since 2019 and have been linked to attacks against the maker of ...
- Hackers use zero-day to mass-wipe My Book Live devices
June 29, 2021
A zero-day vulnerability in Western Digital My Book Live NAS devices allowed a threat actor to perform mass-factory resets of devices last week, leading to data loss. Last week, we broke the story that Western Digital My Book Live NAS owners suddenly discovered that their stored files had mysteriously disappeared. Unfortunately, the factory reset also reset ...