North Korean Hackers Actively Exploiting Chromium RCE Zero-Day In The Wild

3 September 2024

Microsoft has identified a North Korean threat actor, Citrine Sleet, exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution on cryptocurrency targets. The threat actor deployed the FudModule rootkit, previously attributed to Diamond Sleet, suggesting potential shared use of malware between these North Korean threat actors. The V8 JavaScript engine in Chrome versions prior to 128.0.6613.84 contained a type confusion vulnerability (CVE-2024-7971) that could be exploited to achieve remote code execution in the sandboxed renderer process.

Source: GBHackers

Date:

3 September 2024

Categorie(s):

NEWS

Tag(s):

Chromium, Cyber Security News, Google, Wild, Zero Day Exploits

Data Vigilante Leaks 8 Million Employee Records from Amazon, HP and Others12 November 2024
‘Cybersecurity issue’ at Food Lion parent blamed for US grocery mayhem12 November 2024
Biden Administration to Back UN Cybercrime Treaty Amid Controversy12 November 2024
The AI Fix #24: Where are the alien AIs, and are we being softened up for superintelligence?12 November 2024
DeepTempo exits stealth with AI-powered cybersecurity app on Snowflake Marketplace12 November 2024