All news with #memento labs tag

Chrome zero-day exploited in targeted Operation ForumTroll

🔒 A critical Chrome zero-day (CVE-2025-2783) has been actively exploited in a targeted espionage operation Kaspersky calls "Operation ForumTroll," attributed to the threat actor Mem3nt0 mori. Attackers used highly personalized phishing invites and one-click, short-lived links to deliver a sandbox-escape exploit that enabled code execution in Chrome's browser process. Google moved quickly with fixes in Chrome 134.0.6998.177/.178, while related issues were later patched in Firefox as CVE-2025-2857.

Italian Spyware Vendor Linked to Chrome Zero-Day Attacks

🔎 Kaspersky links a Chrome zero-day used in Operation ForumTroll to spyware tied to Memento Labs, a company formed from assets of the former Hacking Team. The campaign, revealed in March, used targeted phishing invites to the Primakov Readings and exploited a sandbox escape (CVE-2025-2783) to deploy a persistent loader. That loader decrypted and executed LeetAgent, a modular spyware, and in some cases introduced the Dante implant. Chrome and Firefox received patches soon after the discovery.