In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Russian hackers DDoS Germany for aiding Ukraine
January 30, 2023
Russian hackers have proved yet again how quickly cyber attacks can be used to respond to global events with a series of DDoS attacks on German infrastructure and government websites in response to the country’s plan to send tanks to Ukraine. The efforts, according to Germany’s cyber security agency, the BSI, were largely in vain. “Currently, ...
- Infrastructure Companies Say Suppliers Pose a Growing Cyber Threat
January 27, 2023
Companies in critical infrastructure sectors say weak cyber defenses at suppliers are becoming a significant threat to their business, and that rules to boost security down the supply chain might be needed. While federal and industry rules for specific areas such as aviation, pipeline companies and other critical infrastructure operators are well-established, said Curley Henry, vice ...
- ISC Releases Security Advisories for Multiple Versions of BIND 9
January 27, 2023
The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet Name Domain (BIND) 9. A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and system failures. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- Mitigating RBAC-Based Privilege Escalation in Popular Kubernetes Platforms
January 27, 2023
Prisma Cloud and Unit 42 recently released a report examining the use of powerful credentials in popular Kubernetes platforms, which found most platforms install privileged infrastructure components that could be abused for privilege escalation. Unit 42 happy to share that, as of today, all platforms mentioned in their report have addressed built-in node-to-admin privilege escalation. ...
- Ukraine: Sandworm hackers hit news agency with 5 data wipers
January 27, 2023
The Ukrainian Computer Emergency Response Team (CERT-UA) found a cocktail of five different data-wiping malware strains deployed on the network of the country’s national news agency (Ukrinform) on January 17th. “As of January 27, 2023, 5 samples of malicious programs (scripts) were detected, the functionality of which is aimed at violating the integrity and availability of ...
- Iranian and Russian hackers targeting politicians and journalists, warn UK officials
January 26, 2023
Iranian and Russian hackers are targeting British politicians and journalists with espionage attacks, officials have warned. The National Cyber Security Centre has issued a fresh alert about increasing attempts to steal information from specific groups and individuals. Read more… Source: BBC News

