In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- CISA catalog passes 1,000 known-to-be-exploited vulnerabilities. Celebration time, or is it?
October 11, 2023
On September 18, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) announced that its Known Exploited Vulnerabilities (KEV) catalog has reached the milestone of covering more than 1,000 vulnerabilities since its launch in November 2021. This may seem like a lot, but with over 25,000 new vulnerabilities released in 2022 alone, it helps organizations to ...
- Assessed Cyber Structure and Alignments of North Korea in 2023
October 10, 2023
Historically Mandiant has made assessments on the Democratic People’s Republic of Korea’s (DPRK) cyber program based on Mandiant responses to intrusions, defector accounts, and OSINT reporting, in conjunction with government disclosures of DPRK units and motivation information. These assessments were generalizations and as new activity, such as cryptocurrency-focused units, emerged it blended the efforts from DPRK ...
- How it works: The novel HTTP/2 ‘Rapid Reset’ DDoS attack
October 10, 2023
A number of Google services and Cloud customers have been targeted with a novel HTTP/2-based DDoS attack which peaked in August. These attacks were significantly larger than any previously-reported Layer 7 attacks, with the largest attack surpassing 398 million requests per second. The attacks were largely stopped at the edge of our network by Google’s ...
- Grayling: Previously unseen threat actor targets multiple organizations in Taiwan
October 10, 2023
A previously unknown advanced persistent threat (APT) group used custom malware and multiple publicly available tools to target a number of organizations in the manufacturing, IT, and biomedical sectors in Taiwan. A government agency located in the Pacific Islands, as well as organizations in Vietnam and the U.S., also appear to have been hit as ...
- ‘Gay furry hackers’ brag of second NATO break-in, steal and leak more data
October 10, 2023
On Sunday, the SiegedSec crew claimed it broke into six NATO web portals: the alliance’s Joint Advanced Distributed Learning e-learning website; the NATO Lessons Learned Portal, from which the gang said it stole 331 documents; the Logistics Network Portal (588 documents and other files); the Communities of Interest Cooperation Portal; the NATO Investment Division Portal ...
- Survey finds more than 50% of German companies victim of cyberattacks
October 10, 2023
A multi-country survey by the British insurer Hiscox shows that security authorities around the world are struggling in the fight against cybercrime. According to the Hiscox comparison with selected countries, German businesses are relatively frequent targets of hackers. The latest edition of the annual comparison of eight countries shows 53% of the companies surveyed reported cyberattacks. According ...

