n March 2025, Kaspersky detected a wave of infections that occurred when users clicked on personalized phishing links sent via email. No further action was required to initiate the infection; simply visiting the malicious website using Google Chrome or another Chromium-based web browser was enough.
The malicious links were personalized and extremely short-lived to avoid detection. However, Kaspersky’s technologies successfully identified a sophisticated zero-day exploit that was used to escape Google Chrome’s sandbox. After conducting a quick analysis, we reported the vulnerability to the Google security team, who fixed it as as CVE-2025-2783.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cyber-security breaches at 67 percent of healthcare organisations last year
January 16, 2020
A survey has found that a large portion of healthcare organisations in the UK experienced cyber-security incidents last year, which were mostly due to employees sharing data. According to new research, in the last 12 months, 67 percent of healthcare organisations in the UK suffered a cyber-security incident. The data was compiled by Clearswift, which surveyed senior business decision makers ...
- Satan Ransomware Reborn to Torment Businesses
January 16, 2020
A ransomware with the un-snappy moniker of “5ss5c” has emerged on the scene and appears to be in active development. According to independent researcher Bart Blaze, the malware is the successor to the Satan ransomware, and its authors are still experimenting with focused targeting (China, for now) and features. Blaze said in a blog posted Tuesday that 5ss5c and ...
- Zeppelin: Russian Ransomware Targets High Profile Users in the U.S. and Europe
January 11, 2020
Zeppelin is the newest member of the Delphi-based Ransomware-as-a-Service (RaaS) family initially known as Vega or VegaLocker. Although it’s clearly based on the same code and shares most of its features with its predecessors, the campaign that it’s been part of differs significantly from campaigns involving the previous versions of this malware. Vega samples were first ...
- Oil-and-Gas APT Pivots to U.S. Power Plants
January 10, 2020
A known APT group with ties to the Iran-linked APT33, dubbed Magnallium, has expanded its targeting from the global oil-and-gas industry to specifically include electric companies in North America. That’s according to a report from Dragos, released Thursday, which noted that the discovery is part of a broader trend in which cybercriminals focused on critical infrastructure are branching ...
- Operation AppleJeus Sequel
January 10, 2020
The Lazarus group is currently one of the most active and prolific APT actors. In 2018, Kaspersky published a report on one of their campaigns, named Operation AppleJeus. Notably, this operation marked the first time Lazarus had targeted macOS users, with the group inventing a fake company in order to deliver their manipulated application and exploit ...
- Exploit Fully Breaks SHA-1, Lowers the Attack Bar
January 9, 2020
A proof-of-concept attack has been pioneered that “fully and practically” breaks the Secure Hash Algorithm 1 (SHA-1) code-signing encryption, used by legacy computers to sign the certificates that authenticate software downloads and prevent man-in-the-middle tampering. The exploit was developed by Gaëtan Leurent and Thomas Peyrin, academic researchers at Inria France and Nanyang Technological University/Temasek Laboratories in Singapore. They ...