In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Threat Brief: Microsoft DNS Server Wormable Vulnerability CVE-2020-1350
July 21, 2020
In July 2020, Microsoft released a security update, CVE-2020-1350 | Windows DNS Server Remote Code Execution Vulnerability, for a new remote code execution (RCE) vulnerability. This vulnerability exists within the Microsoft Windows Domain Name System (DNS) Server due to the improper handling of certain types of requests, specifically over port 53/TCP. Exploitation of this vulnerability is ...
- Hacker Infrastructure And Underground Hosting 101
July 21, 2020
In the cybercrime underground, a criminal’s hosting infrastructure serves as the foundation of their entire business model. It hosts anonymizing services for keeping their activities private, command-and-control (C&C) servers for taking advantage of victims’ machines, and discussion forums for communicating with other criminals. Criminal sellers provide services and infrastructures that other criminals need to execute ...
- BadPower attack corrupts fast chargers to melt or set your device on fire
July 20, 2020
Chinese security researchers said they can alter the firmware of fast chargers to cause damage to connected (charging) systems, such as melt components, or even set devices on fire. The technique, named BadPower, was detailed last week in a report published by Xuanwu Lab, a research unit of Chinese tech giant Tencent. According to researchers, BadPower works ...
- Two more cyber-attacks hit Israel’s water system
July 20, 2020
Two more cyber-attacks have hit Israel’s water management facilities, officials from the Water Authority said last week. Officials said the attacks took place last month, in June, and didn’t cause any damage to the attacked organizations. The first attack hit agricultural water pumps in upper Galilee, while the second one hit water pumps in the central province ...
- Ransomware gang demands $7.5 million from Argentinian ISP
July 20, 2020
A ransomware gang has infected the internal network of Telecom Argentina, one of the country’s largest internet service providers, and is now asking for a $7.5 million ransom demand to unlock encrypted files. The incident took place over the weekend, on Saturday, July 18, and is considered one of Argentina’s biggest hacks. Sources inside the ISP said ...
- Emotet-TrickBot malware duo is back infecting Windows machines
July 20, 2020
After awakening last week and starting to send spam worldwide, Emotet is now once again installing the TrickBot trojan on infected Windows computers. On July 17th, 2020, after over five months of inactivity, the Emotet Trojan woke up and started massive spam campaigns pretending to be payment reports, invoices, shipping information, and employment opportunities. These spam emails ...