In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Feds accuse Ukrainian of renting out PC-raiding Raccoon malware to fiends
October 26, 2022
Mark Sokolovsky, 26, a Ukrainian national, is being held in the Netherlands while he awaits extradition to America on cybercrime charges, the US Justice Department said on Tuesday. Sokolovsky, said to have used the online names Photix, Raccoon Stealer, and black21jack77777, was indicted on November 2, 2021 by a federal grand jury for his alleged role ...
- Insider Threat: The Dangers Within
October 25, 2022
Mandiant has adopted the Cyber and Infrastructure Security Agency (CISA) definition of insider, which states, “An insider is any person who has or had authorized access to or knowledge of an organization’s resources, including personnel, facilities, information, equipment, networks, and systems.” An insider threat is then the “potential for that insider to use their authorized access ...
- Hive claims ransomware attack on Tata Power, begins leaking data
October 25, 2022
Hive ransomware group has claimed responsibility for a cyber attack disclosed by Tata Power this month. A subsidiary of the multinational conglomerate Tata Group, Tata Power is India’s largest integrated power company based in Mumbai. In screenshots seen by BleepingComputer, Hive operators have posted data they claim to have stolen from Tata Power, indicating that the ransom ...
- CISA Adds Six Known Exploited Vulnerabilities to Catalog
October 24, 2022
CISA has added six vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow in the “Date Added ...
- Apple fixes new zero-day used in attacks against iPhones, iPads
October 24, 2022
In security updates released on Monday, Apple has fixed the ninth zero-day vulnerability used in attacks against iPhones since the start of the year. Apple revealed in an advisory today that it’s aware of reports saying the security flaw “may have been actively exploited.” The bug (CVE-2022-42827) is an out-of-bounds write issue reported to Apple by an ...
- DHL named most-spoofed brand in phishing
October 24, 2022
DHL is the most spoofed brand when it comes to phishing emails, according to Check Point. Crooks most frequently used the brand name in their attempts to steal personal and payment information from marks between July and September 2022, with the shipping giant accounting for 22 percent of all worldwide phishing attempts intercepted by the cybersecurity ...