Tag: BROWSER

New Phishing Campaign Uses Browser-in-the-Browser Attacks to Target Video Gamers/Counter-Strike 2 Players
A new phishing campaign targets Counter-Strike 2 players through complex browser-in-the-browser (BitB) phishing attacks using fake pop-up windows that impersonate legitimate sites. The campaign aims to steal Steam credentials, especially affecting fans of the esports team Navi, with potential resale of compromised accounts on various platforms.…
Read More
Defense Contractor Morse Corp Settles Cybersecurity Fraud Allegations for .6M
Summary: Morse Corp Inc., a Massachusetts defense contractor, will pay .6 million to settle allegations of cybersecurity fraud after misrepresenting compliance with federal cybersecurity standards. The lawsuit was initiated by whistleblower Kevin Berich, with the U.S. Department of Justice supporting the case, revealing that the company failed to implement essential cybersecurity controls.…
Read More
RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment
Summary: The Russian-speaking hacking group RedCurl has been identified for the first time as launching a ransomware campaign using a new strain named QWCrypt. Historically known for corporate espionage attacks, RedCurl’s latest activities include sophisticated social engineering tactics to deploy malware and encrypt virtual machines, severely disrupting their targets.…
Read More
Chrome Releases Critical Update to Address CVE-2025-2783 Vulnerability
Summary: Google has released a critical security update for Chrome to address the high-severity vulnerability CVE-2025-2783 affecting the Windows version of the browser. The update, made available on March 25, 2025, fixes an issue within the Mojo component that could lead to potential system compromises. Users are advised to manually check for updates and exercise caution while browsing to avoid falling victim to exploits.…
Read More
Abracadabra Cyberattack: How Hackers Drained M from DeFi Platform
Summary: Abracadabra, a decentralized finance (DeFi) platform, suffered a cyberattack resulting in the theft of nearly million in cryptocurrency from its gmCauldrons. The incident has raised concerns across the cryptocurrency market, particularly affecting entities relying on liquidity tokens from decentralized exchanges. Abracadabra is actively working to mitigate the impact and has even offered a bug bounty to the hacker for the return of the stolen funds.…
Read More
Beyond the Scanner: How Phishers Outsmart Traditional Detection Mechanisms
The article discusses the evolving tactics used by phishers to evade detection by traditional URL scanning techniques. It highlights various methods, including geo-fenced filtering, user-agent filtering, and parameter-based filtering, that cybercriminals use to keep their phishing attacks active. The CloudSEK XVigil platform plays a crucial role in detecting these sophisticated phishing attempts.…
Read More
SnakeKeylogger: A Multistage Info Stealer Malware Campaign
The SnakeKeylogger campaign illustrates a sophisticated credential-stealing threat targeting both individuals and businesses. Utilizing multi-stage infection techniques, it cleverly evades detection while harvesting sensitive data from various platforms. Attackers employ malicious spam emails containing disguised executable files to initiate the infection. Affected: Individuals, Businesses, Email Clients, Web Browsers, FTP Clients.…
Read More
Google fixes Chrome zero-day exploited in espionage campaign
Summary: Google has addressed a high-severity zero-day vulnerability, CVE-2025-2783, in Chrome that was being exploited to escape the browser’s sandbox for espionage attacks targeting Russian organizations. The flaw allows attackers to deploy sophisticated malware through phishing campaigns. The patch is being rolled out for users globally, with further details on the attacks yet to be fully disclosed by Google.…
Read More
Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks
Summary: Google has released urgent fixes for a high-severity vulnerability in Chrome for Windows, known as CVE-2025-2783, which has been actively exploited to target organizations in Russia. The flaw involves an incorrect handle in Mojo, allowing attackers to bypass browser protections through phishing emails. This marks the first actively exploited Chrome zero-day of the year, with attacks linked to a sophisticated APT campaign called Operation ForumTroll.…
Read More
Malaysia Braces for Cyberattacks During Hari Raya: Cyber999 Issues Warning
Summary: A significant rise in cybersecurity incidents has been reported in Malaysia since early 2025, prompting Cyber999 to issue an advisory for heightened vigilance and preventive measures. The ongoing threats include ransomware, data breaches, and various scams, especially during the festive season. Key recommendations for system administrators, financial institutions, and home users are provided to mitigate these risks.…
Read More
Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain
Kaspersky technologies identified a sophisticated wave of malware infections targeting various organizations through phishing emails leading to malicious links. A critical zero-day vulnerability in Google Chrome, identified as CVE-2025-2783, allowed attackers to bypass the browser’s sandbox. The malware campaign, dubbed Operation ForumTroll, aimed at espionage targeting media outlets and government entities in Russia.…
Read More
YouTube Creators Under Siege Again: Clickflix Technique Fuels Malware Attacks
This report reveals a sophisticated malware campaign targeting YouTube creators through spearphishing, utilizing the Clickflix technique to deceive victims into executing malicious scripts. Attackers leverage brand impersonation and exploit interest in professional collaborations to spread malware via meticulously crafted phishing emails. Once activated, the malware steals sensitive data or allows remote access.…
Read More
CVE-2025-2783: Chrome Zero-Day Exploited in State-Sponsored Espionage Campaign
Summary: Kaspersky Labs has identified a complex cyber-espionage campaign named Operation ForumTroll, utilizing a new Google Chrome zero-day exploit (CVE-2025-2783) initiated through spear-phishing emails. The attack required no additional action from victims once they accessed the malicious link, with the exploit bypassing Chrome’s sandbox protections. This operation is believed to be conducted by a state-sponsored APT group targeting Russian media, educational institutions, and government organizations.…
Read More
Summary: A new phishing campaign targeting online gamers, especially Counter-Strike 2 players, employs sophisticated “browser-in-the-browser” (BitB) techniques to steal Steam accounts. Cybercriminals create convincing fake browser pop-up windows that mimic real login pages to trick victims into revealing their login credentials. The campaign also leverages the name of a professional eSports team, Navi, and promotes these scams through platforms like YouTube.…
Read More
Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky
Summary: Google has released a patch for a critical vulnerability (CVE-2025-2783) in its Chrome browser that was exploited in a state-sponsored cyberespionage campaign. Kaspersky identified this vulnerability as part of a sophisticated attack targeting Russian organizations, utilizing drive-by downloads through phishing techniques. The patch was expedited following the discovery of a sandbox escape flaw that compromised Chrome’s security measures.…
Read More
Rilide Stealer Disguises as a Browser Extension to Steal Crypto
Summary: A new threat named “Rilide” has emerged as a malicious browser extension that steals sensitive user information, primarily targeting Chromium-based browsers. Disguised as legitimate extensions like Google Drive, Rilide employs deceptive tactics including phishing campaigns and PowerShell loaders to install itself and capture data such as passwords and cryptocurrency credentials.…
Read More
Raspberry Robin: Copy Shop USB Worm Evolves to Initial Access Broker Enabling Other Threat Actor Attacks
The article discusses the ongoing threat posed by Raspberry Robin, a sophisticated initial access broker (IAB) linked to various cybercriminal organizations, particularly those connected to Russia. It highlights recent findings such as the discovery of nearly 200 unique command and control domains, the involvement of Russian GRU’s Unit 29155, and the threat actor’s evolution in attack methodologies.…
Read More