n March 2025, Kaspersky detected a wave of infections that occurred when users clicked on personalized phishing links sent via email. No further action was required to initiate the infection; simply visiting the malicious website using Google Chrome or another Chromium-based web browser was enough.
The malicious links were personalized and extremely short-lived to avoid detection. However, Kaspersky’s technologies successfully identified a sophisticated zero-day exploit that was used to escape Google Chrome’s sandbox. After conducting a quick analysis, we reported the vulnerability to the Google security team, who fixed it as as CVE-2025-2783.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Analysis: Abuse of .NET features for compiling malicious programs
March 12, 2020
The .NET framework, a software development framework created by Microsoft and is now a built-in component of Windows, includes components that enable developers to compile and execute C# source code during runtime. This allows programs to update or load modules without having to restart. While the .NET framework is originally intended to help software engineers, cybercriminals ...
- Busting Ghostcat: An Analysis of the Apache Tomcat Vulnerability (CVE-2020-1938 and CNVD-2020-10487)
March 11, 2020
Discussions surrounding the Ghostcat vulnerability (CVE-2020-1938 and CNVD-2020-10487) found in Apache Tomcat puts it in the spotlight as researchers looked into its security impact, specifically its potential use for remote code execution (RCE). Apache Tomcat is a popular open-source Java servlet container, so the discovery of Ghostcat understandably set off some alarms. This blog entry seeks to put the ...
- Operation Overtrap Targets Japanese Online Banking Users Via Bottle Exploit Kit and Brand-New Cinobi Banking Trojan
March 11, 2020
Trend Micro recently discovered a new campaign that we dubbed “Operation Overtrap” for the numerous ways it can infect or trap victims with its payload. The campaign mainly targets online users of various Japanese banks by stealing their banking credentials using a three-pronged attack. Based on our telemetry, Operation Overtrap has been active since April 2019 ...
- Wormable, Unpatched Microsoft Bug Threatens Corporate LANs
March 11, 2020
Microsoft is warning on a wormable, unpatched remote code-execution vulnerability in the Microsoft Server Message Block protocol – the same protocol that was targeted by the infamous WannaCry ransomware in 2017. The critical bug (CVE-2020-0796) affects Windows 10 and Windows Server 2019, and was not included in Microsoft’s Patch Tuesday release this week. The bug can be found in ...
- Modern RAM used for computers, smartphones still vulnerable to Rowhammer attacks
March 11, 2020
According to new research published today, modern RAM cards are still vulnerable to Rowhammer attacks despite extensive mitigations that have been deployed by manufacturers over the past six years. These mitigations, collectively referred to as Target Row Refresh (TRR), are a combination of software and hardware fixes that have been slowly added to the design of ...
- Avast disables JavaScript engine in its antivirus following major bug
March 11, 2020
Czech antivirus maker Avast has taken the extreme step of disabling a major component of its antivirus product after a security researcher found a dangerous vulnerability that put all of the company’s users at risk. The security flaw was found in Avast’s JavaScript engine, an internal component of the Avast antivirus that analyzes JavaScript code for ...