n March 2025, Kaspersky detected a wave of infections that occurred when users clicked on personalized phishing links sent via email. No further action was required to initiate the infection; simply visiting the malicious website using Google Chrome or another Chromium-based web browser was enough.
The malicious links were personalized and extremely short-lived to avoid detection. However, Kaspersky’s technologies successfully identified a sophisticated zero-day exploit that was used to escape Google Chrome’s sandbox. After conducting a quick analysis, we reported the vulnerability to the Google security team, who fixed it as as CVE-2025-2783.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- SolarWinds: How Sunburst Sends Data Back to the Attackers
January 22, 2021
In our previous blog we described how the attackers controlled the Sunburst malware, and detailed a variety of commands that will result in data being sent to the threat actors. The next technique to discuss is how Sunburst sends this data to the attackers. If data is being sent to the attacker as a result of ...
- Network Attack Trends: Internet of Threats
January 22, 2021
Unit 42 researchers observed interesting attack trends from August-October 2020. Despite a surge in scanner activities and HTTP directory traversal exploitation attempts, CVE-2012-2311 and CVE-2012-1823, which were the most commonly exploited vulnerabilities in the wild in early summer 2020, are no longer at the top of that list. Several new critical exploits, including but not ...
- Amazon Kindle RCE Attack Starts with an Email
January 22, 2021
Three vulnerabilities in the Amazon Kindle e-reader would have allowed a remote attacker to execute code and run it as root – paving the way for siphoning money from unsuspecting users. Yogev Bar-On, researcher at Realmode Labs, found that it was possible to email malicious e-books to the devices via the “Send to Kindle” feature to ...
- Cybercriminals kick-off 2021 with sweepstakes, credit card, delivery scams
January 22, 2021
Trend Micro researches have predicted that this year, cybercriminals will continue to take advantage of Covid-19-related effects and incidents — such as people’s reliance on online purchases and e-services and the increased need for financial assistance — in order to bait victims and steal critical information. Even though new ways of stealing information regularly arise, ...
- Windows Remote Desktop servers now used to amplify DDoS attacks
January 21, 2021
Windows Remote Desktop Protocol (RDP) servers are now being abused by DDoS-for-hire services to amplify Distributed Denial of Service (DDoS) attacks. The Microsoft RDP service is a built-in Windows service running on TCP/3389 and/or UDP/3389 that enables authenticated remote virtual desktop infrastructure (VDI) access to Windows servers and workstations. Attacks taking advantage of this new UDP reflection/amplification ...
- CISA Issues Supply Chain Compromise Alert, Forms Coordination Group with Other Government Agencies
January 21, 2021
The Cybersecurity and Infrastructure Security Agency (CISA) recently issued an alert regarding an advanced persistent threat (APT) compromising government agencies, critical infrastructures, and private sector organizations. According to CISA, the APT actor is accountable for the compromise of the SolarWinds Orion supply chain. The actor is also responsible for the abuse of commonly used authentication mechanisms. ...