Citrine Sleet, a financially motivated North Korean threat actor, used a zero-day vulnerability in Google’s Chromium browser to target the cryptocurrency industry, exploiting a critical flaw in Chromium and a privilege escalation bug in the Windows kernel to steal cryptocurrencies from their victims.
View full story…