THE article reports on the detection of critical vulnerabilities today, including CVEs related to JoomShaper SP Page Builder and Adobe ColdFusion. It highlights a malicious Chrome extension campaign analyzed by D3Lab, which targeted Italian users through phishing emails masquerading as invoices, leading to a Native Messaging backdoor exploit. This backdoor allowed the malware to execute PowerShell commands and steal cookies and browsing data.
The delivery method involved obfuscated JavaScript files named to appear as PDFs. Detection strategies are suggested, emphasizing the monitoring of unexpected Chrome enterprise policy values and the need for comprehensive response beyond removing the extension.