Adrian Johnson
TLDR:
– A 0-day vulnerability affecting Google Chrome, named “Sandbox RCE,” has been put up for sale on BreachForum.
– The flaw allows for arbitrary code execution with high privileges, bypassing the browser’s sandbox.
Another alarming discovery in the cyber-security landscape shakes the internet as a threat actor puts a dangerous 0-day vulnerability affecting Google Chrome on sale. The vulnerability, named “Sandbox RCE,” allows for arbitrary code execution with high privileges, potentially exposing vulnerable systems to significant risks. The flaw has been tested on two Chrome versions and targets Windows OS systems. The price for this exploit is fixed at 1 million USD, with payment methods limited to Monero or Bitcoin for anonymity. A well-known threat actor called IntelBroker is acting as a middleman for payment and exploit delivery. As 0-day vulnerabilities pose significant threats in the digital space, it is essential for users and companies to implement security measures and stay updated with patches to protect their systems. Given Chrome’s extensive user base, vigilance and awareness are crucial to avoid falling prey to such exploits. The collaboration and information sharing within the infosec community are vital in efficiently addressing dangerous threats like 0-days.
