Researchers have been compromised after visiting the actors blog after following a link on Twitter to a write-up hosted on blog.br0vvnn[.]io. A malicious service was installed on the researchers system and an in-memory backdoor would begin beaconing to an actor-owned command and control server. At this time were unable to confirm the mechanism of compromise, but we welcome any information others might have. Chrome vulnerabilities, including those being exploited in the wild, are eligible for reward payout under Chrome’s Vulnerability Reward Program.”]
Source: https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/