North Korean cyber group, Citrine Sleet, has exploited a zero-day vulnerability (CVE-2024-7971) in Chromium-based browsers, impacting millions of users.
The vulnerability allows remote execution of malicious code on endpoint devices, compromising the security of users.
Microsoft warns users to update systems, apply security patches, and use advanced security solutions to mitigate the risk.
Citrine Sleet, affiliated with Bureau 121, actively exploits vulnerabilities and uses fake cryptocurrency resources to accomplish its goals.