According to ChainCatcher, Microsoft cybersecurity researchers have discovered a zero-day vulnerability in the Chromium engine, which powers browsers such as Chrome. This vulnerability was exploited by a North Korean hacker group called Citrine Sleet, specifically targeting cryptocurrency users. Citrine Sleet used a rootkit malware called FudModule to create a fake cryptocurrency trading platform website to trick users into downloading malware or weaponized crypto wallets, thereby gaining remote code execution permissions and stealing the victim's crypto assets. This vulnerability was fixed on August 21, and users need to update their browsers as soon as possible to ensure safety. This is the third Chromium zero-day vulnerability that has been exploited this year.