Security News > 2024 > October > Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day

2024-10-23 18:03
The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space. [...]
News URL
Related news
- Google Chrome to use on-device AI to detect tech support scams (source)
- Google Chrome to block admin-level browser launches for better security (source)
- Google fixes high severity Chrome flaw with public exploit (source)
- Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own (source)
- Google Chrome's Built-in Manager Lets Users Update Breached Passwords with One Click (source)
- Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images (source)
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)
- North Korean Hackers Disguised as IT Workers Targeting UK, European Companies, Google Finds (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- Google’s Sec-Gemini v1 Takes on Hackers & Outperforms Rivals by 11% (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-05-15 | CVE-2024-4947 | Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 9.6 |