North Korean Hackers Exploited Chrome Zero-Day for Cryptocurrency Theft

October 24, 2024 at 09:05AM Lazarus APT developed a fraudulent website leveraging a Chrome zero-day vulnerability to install malware and steal cryptocurrency, as reported by SecurityWeek. **Meeting Notes Takeaways:** 1. **Event Overview**: The Lazarus APT (Advanced Persistent Threat) group has developed a deceptive website. 2. **Exploitation Method**: The group exploited a zero-day vulnerability in Chrome … Read more

BreachForums admin ‘Pompourin’ sentenced to 20 years of supervised release

January 21, 2024 at 09:37PM “Pompourin,” former admin of BreachForums, sentenced to 20 years supervised release after pleading guilty to running a site facilitating sales of stolen data, hacking tools, and illegal materials. New UEFI vulnerabilities, PixieFail, impact network booting, involving several vendors. Also critical Chrome and Ivanti Endpoint Manager Mobile vulnerabilities. Researchers discover iOS … Read more

Google Patches Another Chrome Zero-Day as Browser Attacks Mount

November 29, 2023 at 03:28PM Google has revealed another actively exploited Chrome zero-day vulnerability (CVE-2023-6345) due to an integer overflow in Skia graphics. It’s the seventh zero-day patched this year amidst numerous critical browser flaws disclosed by major tech companies. Growing browser usage and Chromium’s shared base have heightened interest among attackers, leading to increased … Read more