Kaspersky – WindowsTechs.com

Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)

Posted on March 28, 2025 by Zeljka Zorz

Google’s fixing of CVE-2025-2783, a Chrome zero-day vulnerability exploited by state-sponsored attackers, has spurred Firefox developers to check whether the browser might have a similar flaw – and they found it. There’s currently no … Continue reading Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)→

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)

Posted on March 26, 2025 by Zeljka Zorz

Google is in the process of rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability that allowed attackers to to bypass Chrome sandbox protections. The vulnerability was flagged by Kaspersky researchers, who d… Continue reading Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)→

Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky

Posted on March 25, 2025 by Ryan Naraine

The vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in attacks targeting organizations in Russia.
The post Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky appeared first on Security… Continue reading Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky→

Angry Likho APT Resurfaces with Lumma Stealer Attacks Against Russia

Posted on February 27, 2025 by Waqas

Angry Likho APT resurfaces, targeting Russian and Belarusian organizations with Lumma Stealer malware via phishing attacks, stealing credentials, banking data, and more. Continue reading Angry Likho APT Resurfaces with Lumma Stealer Attacks Against Russia→

Hundreds of GitHub repos served up malware for years

Posted on February 26, 2025 by Zeljka Zorz

Kaspersky researchers have unearthed an extensive and long-running malware delivery campaign that exploited users’ propensity for downloading code from GitHub and using it without first verifying whether it’s malicious. “Over the cour… Continue reading Hundreds of GitHub repos served up malware for years→

Kaspersky Banned on Australian Government Systems

Posted on February 24, 2025 by Eduard Kovacs

Australian government entities have been banned from using products and services of Russian cybersecurity company Kaspersky.
The post Kaspersky Banned on Australian Government Systems appeared first on SecurityWeek.
Continue reading Kaspersky Banned on Australian Government Systems→

Screenshot-Reading Malware

Posted on February 7, 2025 by Bruce Schneier

Kaspersky is reporting on a new type of smartphone malware.
The malware in question uses optical character recognition (OCR) to review a device’s photo library, seeking screenshots of recovery phrases for crypto wallets. Based on their assessment… Continue reading Screenshot-Reading Malware→

Crypto-stealing iOS, Android malware found on App Store, Google Play

Posted on February 5, 2025 by Zeljka Zorz

A number of iOS and Android apps on Apple’s and Google’s official app stores contain a software development kit (SDK) that allows them to exfiltrate cryptowallets’ seed recovery phrases, Kaspersky researchers have found. “The in… Continue reading Crypto-stealing iOS, Android malware found on App Store, Google Play→