In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Public and Private Medical Community Targeted by China-Nexus Threat Actor
June 15, 2026
Google Threat Intelligence Group (GTIG) has identified a sophisticated campaign attributed to UNC6508, a People’s Republic of China (PRC)-nexus threat actor, targeting institutions in the North American academic, medical, and military research community. While remaining undetected for over a year, the threat actor compromised externally facing web applications, deployed bespoke malware, pivoted to sensitive internal ...
- Japanese electricity giant apologises after physical drive with data of 10.9 million clients goes missing
June 12, 2026
A Japanese energy giant has apologised after losing a physical storage drive containing the data on millions of its clients. Workers for Kyushu Electric Power Co. apparently mislaid the drive, which had been left in an unlocked cabinet, the company explained in an official announcement. The drive allegedly contained information on up to 10.9 million accounts, including customer ...
- Novo Nordisk reports cyberattack as UK gives Wegovy pill the nod
June 12, 2026
Pharmaceutical giant Novo Nordisk says data related to clinical trial participants was stolen as part of a cyberattack. The affected patient data was pseudonymized and not directly linked to names or other direct identifiers, the company said. The maker of the Wegovy weight-loss drug said the affected data types include patient ID, information on trial participation, gender, ...
- More than 12,000 servers supported a coordinated phishing infrastructure worldwide
June 11, 2026
When a suspicious email lands in your inbox promising financial rewards or urgent payment requests, the infrastructure behind that email is rarely what it appears to be. An investigation by Comparitech revealed a coordinated spam and phishing network spanning 12,704 servers in 55 countries. These phishing emails are tied to fake financial rewards and similar scams, using tactics designed ...
- Criminal AI-as-a-Service in 2026: How the Underground Market Is Operationalizing Cybercrime
June 11, 2026
The underground market for criminally oriented generative AI has moved beyond the early hype surrounding ‘malicious chatbots.’ The gradual integration of AI as a productivity layer within cybercrime operations has become the dominant story, indicating that while the potential for fully autonomous AI hacking systems is possible, attackers are not embracing them as expected. Instead, ...
- Oracle warns of security bug that hackers abused to breach 100+ companies
June 11, 2026
Oracle warned its corporate customers that there is a critical-rated vulnerability in its PeopleSoft software, which is used by large companies to manage payroll and human resources, a day after a cybercrime group took credit for abusing the flaw as part of a mass-hacking campaign. The company published the security advisory on Thursday after the hacking group ShinyHunters ...