Chrome Zero-Day Crisis: Russian Hackers Exploit Critical Vulnerabilities

The cybersecurity landscape is facing an unprecedented wave of Chrome zero-day attacks in 2024, with Google confirming 75 actively exploited vulnerabilities in the first half of the year alone. What makes this crisis particularly concerning is that 44% of these exploits specifically target enterprise security products, bypassing traditional defense mechanisms.

Russian-linked threat actors, including the financially motivated TaxOff group, have been identified as primary perpetrators. Their attack chains typically begin with malicious PDFs or compromised websites that deliver browser exploits, often coupled with post-exploitation frameworks targeting Windows systems.

Technical Analysis of Active Exploits:
Google's emergency update addresses two critical vulnerabilities currently under exploitation:

  1. A type confusion flaw in Chrome's V8 JavaScript engine (CVE-2025-31324)
  2. A memory corruption vulnerability in the WebGPU implementation

These flaws allow attackers to execute arbitrary code, escape sandbox protections, and establish persistent access. Darktrace researchers observed exploitation attempts within 72 hours of vulnerability disclosure, highlighting the shrinking window for patch deployment.

Enterprise Impact:
The attacks show a sophisticated understanding of corporate environments:

  • Targeting SAP NetWeaver integrations through compromised browsers
  • Using Chrome vulnerabilities as entry points for lateral movement
  • Deploying custom malware that evades signature-based detection

Mitigation Strategies:

  1. Immediate patching of Chrome to version 124.0.6367.201 or later
  2. Network segmentation for browser traffic
  3. Behavioral monitoring for anomalous JavaScript execution
  4. Restricting WebGPU API access in enterprise environments
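
For the first mitigation, a fleet check against the minimum version has to compare version components numerically, because a plain string comparison ranks 124.0.6367.99 above 124.0.6367.201. The following is an added example, not part of the original article; the inventory format, hostnames and the versions in it are constructed for illustration.

```python
# Added example: audit an inventory export against the minimum Chrome
# version named in the article. All inventory rows below are constructed.
import csv
import io

MIN_CHROME = "124.0.6367.201"  # from the article's mitigation list

# Constructed sample inventory (hypothetical hostnames and versions).
SAMPLE_INVENTORY = """host,chrome_version
ws-finance-01,124.0.6367.201
ws-finance-02,124.0.6367.99
ws-sap-gw-01,123.0.6312.122
ws-dev-07,125.0.6422.60
ws-kiosk-03,
ws-lab-02,124.0.6367.x
"""


def parse_version(text):
    """Return a 4-tuple of ints for 'MAJOR.MINOR.BUILD.PATCH', else None."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def audit(inventory_csv, minimum=MIN_CHROME):
    """Classify each host as 'ok', 'outdated' or 'unknown'."""
    floor = parse_version(minimum)
    if floor is None:
        raise ValueError(f"bad minimum version: {minimum!r}")
    results = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        found = parse_version(row.get("chrome_version") or "")
        if found is None:
            # Missing or malformed data is a finding, not a pass.
            results[row["host"]] = "unknown"
        elif found < floor:
            # Tuple comparison is numeric per component: 99 < 201.
            results[row["host"]] = "outdated"
        else:
            results[row["host"]] = "ok"
    return results


if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host:15} {status}")
```

Hosts reported as "unknown" should be followed up rather than treated as compliant, since an agent that fails to report a version is not evidence of a patched browser.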

The frequency of these attacks suggests a mature exploit development ecosystem, with evidence pointing to collaboration between Russian cybercriminal groups and APT actors. Security teams must adopt assume-breach postures, as traditional vulnerability management cycles are proving inadequate against these rapidly weaponized flaws.

Original sources

This article was generated by our NewsSearcher AI system, analyzing information from multiple reliable sources.

Google Reports 75 Zero-Days Exploited in 2024 — 44% Targeted Enterprise Security Products - The Hacker News

Tracking CVE-2025-31324: Darktrace’s detection of SAP Netweaver exploitation before and after disclosure - Darktrace

⚡ Weekly Recap: iPhone Spyware, Microsoft 0-Day, TokenBreak Hack, AI Data Leaks and More - The Hacker News

Zero-days from top security vendors were most exploited CVEs in 2023 - Cybersecurity Dive

Google addresses 2 actively exploited vulnerabilities in security update - CyberScoop

This article was written with AI assistance and reviewed by our editorial team.