In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware.
In all cases, infection occurred immediately after the victim clicked on a link in a phishing email, and the attackers’ website was opened using the Google Chrome web browser. No further action was required to become infected. All malicious links were personalized and had a very short lifespan. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox. Kaspersky researchers quickly analyzed the exploit code, reverse-engineered its logic, and confirmed that it was based on a zero-day vulnerability affecting the latest version of Google Chrome, which was then reported to the Google security team.
Read more…
Source: Kaspersky
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- CISA Directs Federal Agencies to Identify and Mitigate Potential Compromise of Cisco Devices
September 25, 2025
Today, CISA issued Emergency Directive ED 25-03: Identify and Mitigate Potential Compromise of Cisco Devices to address vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Cisco Firepower devices. CISA has added vulnerabilities CVE-2025-20333 and CVE-2025-20362 to the Known Exploited Vulnerabilities Catalog. The Emergency Directive requires federal agencies to identify, analyze, and mitigate potential compromises immediately. Agencies ...
- New LockBit 5.0 Targets Windows, Linux, ESXi
September 25, 2025
Trend™ Research has identified and analyzed the source binaries of a new LockBit version in the wild, which is the latest from the group’s activities following the February 2024 law enforcement operation (Operation Cronos) that disrupted their infrastructure. In early September, the LockBit ransomware group reportedly resurfaced for their sixth anniversary, announcing the release of “LockBit ...
- Co-op digests £80m profit hit from cyber attack
September 25, 2025
he Co-operative Group has revealed an £80m hit to half-year profit after a damaging cyber attack earlier this year. The retail and funerals specialist said that it had slumped to a loss in the first half of 2025 after being targeted by a “malicious” cyber attack. Shoppers were faced with empty shelves and issues with payments ...
- Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors
September 24, 2025
Google Threat Intelligence Group (GTIG) is tracking BRICKSTORM malware activity, which is being used to maintain persistent access to victim organizations in the United States. Since March 2025, Mandiant Consulting has responded to intrusions across a range of industry verticals, most notably legal services, Software as a Service (SaaS) providers, Business Process Outsourcers (BPOs), and Technology. ...
- US federal agency breached by hackers using GeoServer exploit
September 24, 2025
In mid-July 2024, a threat actor managed to break into a US Federal Civilian Executive Branch (FCEB) agency by exploiting a critical remote code execution (RCE) vulnerability in GeoServer, the government has confirmed. In an in-depth report detailing the incident, the US Cybersecurity and Infrastructure Security Agency (CISA) outlined how the attackers leveraged CVE-2024-36401, a 9.8/10 ...
- UK: Man arrested in connection with cyber-attack on airports
September 24, 2025
A person has been arrested in connection with a cyber-attack which has caused days of disruption at several European airports including Heathrow. The National Crime Agency (NCA) said a man in his forties was arrested in West Sussex “as part of an investigation into a cyber incident impacting Collins Aerospace”. There have been hundreds of flight ...

