In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- China’s Ministry of State Security reveals US’ infiltration of Huawei traced back to 2009
September 20, 2023
The US’ infiltration of Huawei headquarters’ servers can be traced back to 2009, China’s Ministry of State Security (MSS) said in an article released on Wednesday. The Chinese ministry disclosed despicable methods of cyber espionage adopted by US intelligence agencies, which include establishing cyberattack arsenals, coercing technology companies to cooperate, and distorting the truth to ...
- FBI and CISA Release Advisory on Snatch Ransomware
September 20, 2023
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint CSA to disseminate known ransomware IOCs and TTPs associated with the Snatch ransomware variant identified through FBI investigations as recently as June 1, 2023. Since mid-2021, Snatch threat actors have consistently evolved their tactics to take advantage of ...
- Australia: Pizza Hut says customer data breached in cyber hack
September 20, 2023
The personal details of pizza lovers across Australia have been compromised in a cyber attack on Pizza Hut. The popular fast-food chain, with 251 restaurants across the country, revealed it had been hacked in an email to customers on Wednesday. “In early September, we became aware of a cyber security incident where an unauthorised third party ...
- Cyber attack on International Criminal Court in The Hague; Hackers stole sensitive docs
September 20, 2023
The International Criminal Court (ICC) in The Hague fell victim to a cyber attack last week, the court confirmed in a statement after reporting by NOS. A source told the broadcaster that the hackers gained access to a large number of sensitive documents, but an ICC spokesperson would not confirm that. The spokesperson told NOS that ...
- New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants
September 19, 2023
Cisco Talos recently discovered a new malware family we’re calling “HTTPSnoop” being deployed against telecommunications providers in the Middle East. HTTPSnoop is a simple, yet effective, backdoor that consists of novel techniques to interface with Windows HTTP kernel drivers and devices to listen to incoming requests for specific HTTP(S) URLs and execute that content on the ...
- CISA Releases Four Industrial Control Systems Advisories
September 19, 2023
CISA released four Industrial Control Systems (ICS) advisories on September 19, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-262-01 Siemens SIMATIC PCS neo Administration Console ICSA-23-262-03 Omron Engineering Software Zip-Slip Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related: CISA Adds One Known Exploited Vulnerability to Catalog

