In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- UK: Staff details stolen in poultry factory cyber attack
August 28, 2024
Staff at a poultry factory in Norfolk have had their personal details stolen in a cyber attack. Banham Poultry, based in Attleborough, said criminals had remotely accessed its system in the early hours of 18 August. In an email sent to staff, seen by the BBC, the company said information such as National Insurance numbers, copies ...
- Interpol busts Black Axe global crime network, arrest over 300
August 28, 2024
The International Criminal Police Organisation (INTERPOL) Police units had in a coordinated action in 21 countries between April and July 2024 arrested over 300 people with links to Nigerian criminal group Black Axe and other affiliated groups. In a statement, Interpol said operation “Operation Jackal III” led to hundreds of arrests, the seizure of assets worth ...
- Hunters International ransomware gang threatens to leak US Marshals data
August 27, 2024
The Hunters International ransomware group is threatening to leak what it claims to be 386 GB of data from the U.S. Marshals Service (USMS), more than a year after the federal law enforcement agency suffered a major ransomware attack. The gang claims the data, comprising more than 327,000 files, includes “Top Secret” documents, gang files, information ...
- Unveiling Mobile App Vulnerabilities: How Popular Apps Leak Sensitive Data
August 27, 2024
In an increasingly digital world, the importance of mobile security cannot be overstated. With millions of apps available on Google’s Play Store and Apple’s App Store, users trust developers to safeguard their personal information. Unfortunately, this trust is often misplaced. A key step in preventing unauthorized access to user data is encryption, especially when it comes ...
- SMS scammers use toll fees as a lure
August 27, 2024
In April 2024, the FBI warned about a new type of smishing scam. Smishing is the term we use for phishing attacks sent via text message. This particular smishing scam tries to trick users into clicking a link by telling them they owe a “small amount” in toll fees. The scammers send a text claiming that ...
- Cyber attacks on law firms jumped by 77% over the past year
August 27, 2024
The number of successful cyber attacks against UK law firms rose by 77% in the past year to 954, up from 538 the year before, according to a new study of the threat. Chartered accountants Lubbock Fine said that the wave is driven by criminals seeing law firms as prime targets for ransomware attacks or blackmail. This ...

