n March 2025, Kaspersky detected a wave of infections that occurred when users clicked on personalized phishing links sent via email. No further action was required to initiate the infection; simply visiting the malicious website using Google Chrome or another Chromium-based web browser was enough.
The malicious links were personalized and extremely short-lived to avoid detection. However, Kaspersky’s technologies successfully identified a sophisticated zero-day exploit that was used to escape Google Chrome’s sandbox. After conducting a quick analysis, we reported the vulnerability to the Google security team, who fixed it as as CVE-2025-2783.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- European Medicines Agency says it has been targeted by cyber attack
December 9, 2020
In a short statement published on its website, the agency said: “EMA has been the subject of a cyberattack. The agency has swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities. “EMA cannot provide additional details whilst the investigation is ongoing. Further information will be made available in due course,” ...
- FireEye reveals that it was hacked by a nation state APT group
December 9, 2020
Leading cybersecurity company FireEye disclosed today that it was hacked by a threat actor showing all the signs of a state-sponsored hacking group. The attackers were able to steal Red Team assessment tools FireEye uses to test customers’ security and designed to mimic tools used by many cyber threat actors. Read more… Source: Bleeping Computer
- Foxconn electronics giant hit by ransomware, $34 million ransom
December 9, 2020
Foxconn electronics giant suffered a ransomware attack at a Mexican facility over the Thanksgiving weekend, where attackers stole unencrypted files before encrypting devices. Foxconn is the largest electronics manufacturing company globally, with recorded revenue of $172 billion in 2019 and over 800,000 employees worldwide. Foxconn subsidiaries include Sharp Corporation, Innolux, FIH Mobile, and Belkin. BleepingComputer has been ...
- Norway: Russian APT28 state hackers likely behind Parliament attack
December 9, 2020
Russian-backed hacking group APT28 has likely brute-forced multiple Norwegian Parliament (Stortinget) email accounts on August 24, 2020, according to the Norwegian Police Security Service (PST, short for Politiets Sikkerhetstjeneste). Attackers gained access to a limited number of Stortinget email accounts of representatives and employees as disclosed by Stortinget director Marianne Andreassen. A statement published on the parliament’s ...
- Severe MDHexRay bug affects 100+ GE Healthcare imaging systems
December 9, 2020
A vulnerability in GE Healthcare’s proprietary management software used for medical imaging devices could put patients’ health privacy at risk, potentially their lives. The flaw received the name MDHexRay (CVE-2020-25179) and a severity score of 9.8 out of 10. It affects more than 100 CT, X-Ray, MRI device models in a dozen product lines from the ...
- Chinese Breakthrough in Quantum Computing a Warning for Security Teams
December 7, 2020
China’s top quantum-computer researchers have reported that they have achieved quantum supremacy, i.e., the ability to perform tasks a traditional supercomputer cannot. And while it’s a thrilling development, the inevitable rise of quantum computing means security teams are one step closer to facing a threat more formidable than anything before. Researchers from the University of Science ...