Security News > 2024 > October > Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day
2024-10-23 18:03
The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space. [...]
News URL
Related news
- Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices (source)
- Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland (source)
- How to enable Safe Browsing in Google Chrome on Android (source)
- New tool bypasses Google Chrome’s new cookie encryption system (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- Iranian hackers now exploit Windows flaw to elevate privileges (source)
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- Google: 70% of exploited flaws disclosed in 2023 were zero-days (source)
- Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-15 | CVE-2024-4947 | Type Confusion vulnerability in multiple products Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |