U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

WeChat users targeted by hackers using recently disclosed Chromium exploit

Threat actors used the Chrome exploit publicly disclosed last week in attacks aimed at WeChat users in China, researchers warn. China-based firm Qingteng Cloud Security, reported that threat actors weaponized the recently disclosed Chrome exploit to target WeChat users in China. According to the researchers, the attacks only targeted users of the WeChat Windows app. The […]

WeChat

Threat actors used the Chrome exploit publicly disclosed last week in attacks aimed at WeChat users in China, researchers warn.

China-based firm Qingteng Cloud Security, reported that threat actors weaponized the recently disclosed Chrome exploit to target WeChat users in China. According to the researchers, the attacks only targeted users of the WeChat Windows app. The security firm did not reveal which of the two PoC codes released last week were employed in the attacks.

Attackers are sharing specially crafted links with WeChat users, upon clicking them, a JavaScript code will execute a shellcode on their underlying operating systems.

Last week, two distinct researchers released exploit codes for two new Chromium zero-day remote code execution exploit affecting Google Chrome, Microsoft Edge, and likely other Chromium-based browsers.

The WeChat Windows client was impacted by the issues because it leverages the Chromium browser engine to manage links within the application.

Both remote code execution vulnerabilities disclosed last week could not escape Chromium’s sandbox, which means that attackers have chained them with a sandbox escape exploit to executing arbitrary code on the underlying system.

Anyway, as reported in a post by The Record, applications that don’t use a sandbox mechanism could expose the underlying OS to the risk of a hack.

Qingteng shared its findings with Tencent, the Chinese giant that developed WeChat, which updated the Chromium engine used by the application.

The good news is that both flaws have been already addressed by maintainers of the Chromium project and developers of major browsers are applying them.

Chrome has only fixed one of the flaws (CVE-2021-21220), while Microsoft Edge fixed both exploits.

If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Chrome)

[adrotate banner=”5″]

[adrotate banner=”13″]