ChainCatcher message, Microsoft cybersecurity researchers have discovered a zero-day vulnerability in the Chromium engine, which powers browsers like Chrome. This vulnerability has been exploited by a North Korean hacker group known as Citrine Sleet, specifically targeting cryptocurrency users. Citrine Sleet has used a rootkit malware called FudModule to create fake cryptocurrency trading platform websites, luring users into downloading malware or weaponized cryptocurrency wallets, thereby gaining remote code execution access to steal the victims' crypto assets. This vulnerability was patched on August 21, and users are urged to update their browsers as soon as possible to ensure safety. This is the third exploited Chromium zero-day vulnerability this year.

ChainCatcher message, the Web3 security agency Wallet Guard stated that Google has released an emergency update for a new zero-day vulnerability (CVE-2023-7024) and recommends users to update their Chrome browser (including Brave, Opera, and Edge) in a timely manner.

ChainCatcher message, Fantom Foundation Telegram community administrator Jane stated that due to a zero-day vulnerability on Google Chrome, some hot wallet assets of the Fantom Foundation have been depleted, with losses amounting to hundreds of thousands of dollars. They are currently actively tracking the movement of the lost funds. Most of the foundation's assets are stored in cold wallets and remain unaffected. Jane recommends that users upgrade Chrome to the latest version.According to CertiK monitoring, some wallets of the Fantom Foundation on Ethereum and Fantom have been attacked, with confirmed losses amounting to $657,000.

Chaincatcher news, the Chrome browser has released an emergency update for version 105.0.5195.102 (Mac, Linux, and Windows) to fix a new high-severity zero-day vulnerability, identified as CVE-2022-3075, caused by insufficient data validation in the Mojo runtime library collection. Over the past three months, multiple zero-day vulnerabilities have been discovered in the Chrome browser. (Source link)