Summary: Google has addressed a high-severity zero-day vulnerability, CVE-2025-2783, in Chrome that was being exploited to escape the browser’s sandbox for espionage attacks targeting Russian organizations. The flaw allows attackers to deploy sophisticated malware through phishing campaigns. The patch is being rolled out for users globally, with further details on the attacks yet to be fully disclosed by Google.
Affected: Google Chrome
Keypoints :
- Vulnerability CVE-2025-2783 enables malware deployment in espionage operations.
- Users are urged to update Chrome manually or wait for automatic updates to install the fix.
- The security breach is part of a cyber-espionage campaign named Operation ForumTroll targeting Russian entities.