Memento Labs Linked to Chrome Zero-Day Exploit in 2025

Kaspersky researchers have attributed the first Chrome zero-day of 2025 to Memento Labs, formerly known as the Hacking Team. The vulnerability, CVE-2025-2783, was exploited in a state-sponsored cyber-espionage campaign. The attack involved sophisticated phishing tactics and the use of Dante spyware, which was traced back to 2022. The malware, LeetAgent, supported commands in leetspeak and connected to HTTPS C2s for various malicious activities. Researchers noted code overlaps between Dante and legacy RCS samples, strengthening the attribution to Memento Labs.

Latest mentioned: 10-27

Earliest mentioned: 10-27

Sources

cyberscoop.com securelist.com securityaffairs.com bleepingcomputer.com therecord.media cybersum.net

Also Read

Cryptocurrency Developers Targeted by NuGet Supply Chain Attack

Socket’s Threat Research Team discovered a sophisticated supply chain attack on the NuGet package registry targeting cryptocurrency developers. The malicious package, Netherеum.All, exploited a homoglyph attack by using a Cyrillic 'e' to impersonate the legitimate Nethereum library. This package exfiltrated sensitive wallet data, including private keys and mnemonics. The attack leveraged NuGet’s permissive Unicode naming rules, which do not restrict identifiers to ASCII characters. The malicious package was published on October 16, 2025, and removed by NuGet on October 20, 2025. The attackers also inflated download counts to make the package appear legitimate. Researchers linked this attack to an earlier typosquat named NethereumNet, indicating a persistent threat.

10-24Read more →