Kaspersky’s security researchers detected a new zero-day vulnerability in Chrome.
Very similar to Lazarus attack
The vulnerability was named as Operation WizardOpium by Kasperksy. Researchers found many similarities when they compared it with the Lazarus attack, which was discovered using Kaspersky’s automated threat detection systems and with a CVE number as CVE-2019-13720.
Anton Ivanov, a security expert at Kaspersky talked about the issue:
The finding of a new Google Chrome zero-day in the wild once again demonstrates that it is only collaboration between the security community and software developers, as well as constant investment in exploit prevention technologies, that can keep us safe from sudden and hidden strikes by threat actors.
Google also discovered this new flaw and issued a patch for it. They warned users to install the patch immediately and always keep the software updated.