In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Houdini malware targets victims with keylogger, online bank account theft tools
June 17, 2019
A new variant of the Houdini malware has been detected in campaigns against financial institutions and their customers. Last week, cybersecurity researchers from Cofense said in a blog post that the new strain of Houdini — also known as HWorm — was released by its author on June 2, 2019. Dubbed WSH Remote Access Tool (RAT), it took the ...
- New Echobot malware is a smorgasbord of vulnerabilities
June 17, 2019
If there’s one thing that seems to have no end in sight is malware authors putting their own spin on the old Mirai malware and creating new botnets to haunt the IoT and enterprise landscapes. Not a month goes by without a new major botnet appearing out of nowhere and launching massive attacks against people’s smart ...
- AESDDoS Botnet Malware Infiltrates Containers via Exposed Docker APIs
June 14, 2019
Misconfiguration is not novel. However, cybercriminals still find that it is an effective way to get their hands on organizations’ computing resources to use for malicious purposes and it remains a top security concern. In this blog post, we will detail an attack type where an API misconfiguration in the open-source version of the popular DevOps tool ...
- Two hacking groups responsible for huge spike in hacked Magento 2.x stores
June 12, 2019
Two hacker groups are responsible for a huge spike in the number of hacked Magento 2.x shopping sites, according to Willem de Groot, founder of Sanguine Security. This is now the third month in a row when the number of hacked Magento 2.x sites has doubled, after it previously doubled from March to April, and again ...
- RAMBleed Attack – Flip Bits to Steal Sensitive Data from Computer Memory
June 12, 2019
A team of cybersecurity researchers yesterday revealed details of a new side-channel attack on dynamic random-access memory (DRAM) that could allow malicious programs installed on a modern system to read sensitive memory data from other processes running on the same hardware. Dubbed RAMBleed and identified as CVE-2019-0174, the new attack is based on a well-known class of DRAM side ...
- Intel NUC Firmware Open to Privilege Escalation, DoS and Information Disclosure
June 12, 2019
Intel has patched seven high-severity vulnerabilities in its mini PC NUC kit firmware. Intel has patched seven high-severity vulnerabilities in the system firmware of its Intel NUC (short for Next Unit of Computing), a mini-PC kit used for gaming, digital signage and more. Overall, the chip-maker patched 25 vulnerabilities across various platforms this week – including eight ...