Featured Story
Google fixes eighth Chrome zero-day exploited in attacks in 2025

Summary
Google has released an emergency update for the Chrome browser to fix a critical zero-day vulnerability that is actively being exploited, marking the eighth Chrome zero-day patched in 2025.
The flaw affects Chrome on Windows, macOS, and Linux and has been addressed in the latest Stable releases. While Google has confirmed real-world exploitation, it has deliberately limited technical details to reduce the risk of further attacks before users apply the update.
Early analysis suggests the vulnerability is linked to the ANGLE graphics library and could allow memory corruption or arbitrary code execution.
Other News
Google ads for shared ChatGPT, Grok guides push macOS infostealer malware
Summary
Cybersecurity researchers have uncovered a macOS malware campaign abusing Google search ads and shared AI chat links to distribute the AMOS infostealer.
Attackers promote sponsored results that appear to link to legitimate ChatGPT or Grok troubleshooting guides, but instead direct users to conversations containing malicious Terminal commands.
When executed, these commands install malware capable of stealing credentials, browser data, Keychain information, and cryptocurrency assets.
The campaign highlights a growing trend of social engineering that exploits trust in search engines and AI platforms, reinforcing the need for caution when following online technical instructions.
NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems
Summary
Cybersecurity researchers have identified a new Windows backdoor named NANOREMOTE that leverages the Google Drive API for command-and-control (C2) and data exfiltration.
By using legitimate cloud infrastructure for communication, the malware blends malicious operations with normal network traffic, making detection more difficult.
The infection chain involves a loader component, WMLOADER, which masquerades as a legitimate executable to evade suspicion and decrypts the backdoor payload.
Once active, NANOREMOTE supports reconnaissance, remote command execution, file transfer via Google Drive, and self-termination, enabling sophisticated covert control over compromised systems.
Strong validation of software interacting with cloud platforms is essential to prevent malware like NANOREMOTE from bypassing traditional security measures.
8000 reports of fraudulent online shops in 2025
Summary
Belgian authorities have received 8,000 reports of fraudulent online shops so far in 2025, particularly as the year-end shopping season accelerates.
These deceptive webshops and dishonest sellers often lure shoppers with seemingly attractive offers, but buyers may never receive the products they paid for or can be misled into unwanted subscriptions.
The Federal Public Service Economy and Safeonweb urge shoppers to scrutinize web addresses carefully, avoid deals that appear “too good to be true,” use secure networks for payments, and prefer certified online retailers.
Suspicious webshops can be forwarded to any of Safeonweb's three email addresses:
verdacht@safeonweb.be
suspect@safeonweb.be
suspicious@safeonweb.be