Reports by Google Cloud and Trellix indicate there is growing collaboration between nation-state actors and cybercriminal networks for help with initial access and the use of custom malware sold on underground forums.

Russian hackers exploited vulnerabilities in Safari and Chrome to launch cyberattacks from November 2023 to July 2024. They used a watering hole attack on Mongolian government websites to infect mobile users with malware, stealing information.

The recent campaigns targeting various sectors, including the energy and government sectors, highlight the effectiveness of known vulnerabilities even with available patches, emphasizing the importance of proactive software security measures.

A new campaign has been discovered with similarities to a previous campaign, including the use of social media sites to build rapport with targets. The threat actors then engage in encrypted messaging and send a malicious file with a 0-day exploit.

Android 14 introduces new security measures to mitigate the risks associated with 2G networks, allowing users and enterprises to disable 2G connectivity and protect against potential attacks.

The shift towards zero-click exploits and new browser mitigations has led to a decrease in browser zero-days, but attackers are still finding ways to exploit vulnerabilities in other components.

Chrome Browser Cloud Management offers extension management capabilities and reporting to enable organizations to control extension usage and mitigate potential security risks.

According to Google, GUAC aggregates software security metadata and maps it to a standard vocabulary of concepts relevant to the software supply chain. They explained that this data can be accessed via a GraphQL interface.

As part of Google’s ongoing efforts to improve open-source security, the Open Source Insights team has built a reliable view of software metadata across five packaging ecosystems.

In this blog, researchers have shared details about two distinct campaigns that used various 0-day exploits against Android, iOS, and Chrome and were both limited and highly targeted.