n March 2025, Kaspersky detected a wave of infections that occurred when users clicked on personalized phishing links sent via email. No further action was required to initiate the infection; simply visiting the malicious website using Google Chrome or another Chromium-based web browser was enough.
The malicious links were personalized and extremely short-lived to avoid detection. However, Kaspersky’s technologies successfully identified a sophisticated zero-day exploit that was used to escape Google Chrome’s sandbox. After conducting a quick analysis, we reported the vulnerability to the Google security team, who fixed it as as CVE-2025-2783.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- New Mirai Variant Targets Zyxel Network-Attached Storage Devices
March 19, 2020
As soon as the proof-of-concept (PoC) for CVE-2020-9054 was made publicly available last month, this vulnerability was promptly abused to infect vulnerable versions of Zyxel network-attached storage (NAS) devices with a new Mirai variant – Mukashi. Mukashi brute forces the logins using different combinations of default credentials, while informing its command and control (C2) server of the successful ...
- Probing Pawn Storm Cyberespionage Campaign Through Scanning, Credential Phishing and More
March 19, 2020
Pawn Storm, an ongoing cyberespionage campaign with activities that can be traced as far back as 2004, has gained notoriety after aiming cyber-attacks at defense contractor personnel, embassies, and military forces of the United States and its allies, as well as international media and citizens across different civilian industries and sectors, among other targets. For years, ...
- The IIoT Threat Landscape: Securing Connected Industries
March 18, 2020
The Industrial Internet of Things (IIoT) provides bridges of connectedness that enable seamless IT and OT convergence. However, threat actors can cross these bridges to compromise systems. As the use of IoT extends beyond the home and goes into the vast industrial landscape, the scale of threats likewise grows. With that being said, some components of ...
- New Variant of Paradise Ransomware Spreads Through IQY Files
March 18, 2020
Internet Query Files (IQY) were used to deliver a new variant of Paradise ransomware, as reported by Last Line. The said file type has not been associated with this ransomware family before. In the past, IQY files were typically used in other malware campaigns such as the Necurs botnet that distributes IQY files to deliver FlawedAmmy RAT. Bebloh and Ursnif also spreads ...
- APT36 Taps Coronavirus as ‘Golden Opportunity’ to Spread Crimson RAT
March 17, 2020
A Pakistani-linked threat actor, APT36, has been using a decoy health advisory that taps into global panic around the coronavirus pandemic to spread the Crimson RAT. The functionalities of the Crimson RAT include stealing credentials from victims’ browsers, capturing screenshots, collecting anti-virus software information, and listing the running processes, drives and directories from victim machines. The ...
- New Ursnif Campaign Targets Users in Japan
March 17, 2020
Trend Micro researchers detected a new Ursnif campaign targeting users in Japan. The malware is distributed through infected Microsoft Word documents coming from spam emails. Ursnif, also known as Gozi, is an information stealer that collects login credentials from browsers and email applications. It has capabilities for monitoring network traffic, screen capturing, and keylogging. It is ...