Google rushed to release a critical security update for Chrome after researchers uncovered a high-severity zero-day vulnerability being actively exploited in the wild. The flaw, tracked as CVE-2025-2783, involves an incorrect handle in Chrome’s Mojo libraries on Windows systems. Pretty serious stuff.
Kaspersky researchers Boris Larin and Igor Kuznetsov spotted the vulnerability on March 20, 2025, and Google didn’t waste time patching it.
The exploit is no joke. It’s being used in a sophisticated espionage campaign called “Operation ForumTroll” targeting Russian organizations: media outlets, educational institutions, and government bodies. The attackers send phishing emails disguised as invitations to the “Primakov Readings” forum, carrying personalized malicious links designed to increase engagement and the likelihood of infection. Click the link, you’re compromised. No further action needed. Scary efficient.
Chrome version 134.0.6998.177/.178 for Windows addresses the vulnerability, with the update rolling out gradually since March 25. Users should manually check for updates and restart their browsers. The exploit is particularly troubling because it bypasses Chrome’s sandbox protection – a feature designed to contain threats.
Update Chrome immediately—this exploit defeats sandbox protection, leaving your system fully exposed to attackers.
Technical analysis reveals a complex attack chain using at least two vulnerabilities. The Chrome sandbox escape serves as the second stage, but researchers couldn’t obtain the first-stage remote code execution exploit. The short-lived malicious links make detection difficult. Classic APT move.
The high technical complexity suggests state-sponsored involvement. These aren’t amateur hackers – they’re professionals with resources and expertise. The vulnerability affects not only Chrome but also all Chromium-based browsers that share the same underlying technology. Google acknowledged Kaspersky’s contribution and emphasized the importance of timely updates.
Users should update Chrome immediately and enable automatic updates for future patches. The attack demonstrates once again that even sophisticated browsers like Chrome aren’t immune to vulnerabilities. The incident also underscores the value of tactical threat intelligence, which gives security engineers the technical details they need to combat such advanced threats.
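For teams that manage more than one machine, the fixed build and the note about Chromium-based browsers above translate into a simple inventory check. The following is an added example, not part of the original article or any vendor tooling; the inventory rows are constructed, and the status labels and function names are assumptions made for illustration.

```python
"""Added example: triage a browser inventory against the fixed Chrome build."""

# Fixed build for Windows named in the article (134.0.6998.177/.178).
FIXED_CHROME_WINDOWS = (134, 0, 6998, 177)

# Constructed sample inventory rows: (host, os, browser, version). Not real data.
INVENTORY = [
    ("ws-001", "windows", "chrome", "134.0.6998.178"),
    ("ws-002", "windows", "chrome", "134.0.6998.118"),
    ("ws-003", "Windows", "Chrome", "133.0.6943.142 "),
    ("ws-004", "windows", "edge", "134.0.3124.85"),
    ("ws-005", "linux", "chrome", "134.0.6998.117"),
    ("ws-006", "windows", "chrome", "unknown"),
]


def parse_version(text):
    """Return (a, b, c, d) as ints, or None when the string is not a.b.c.d."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def triage(host_os, browser, version):
    """Classify one inventory row using only facts stated in the article."""
    if host_os.strip().lower() != "windows":
        return "out-of-scope"        # the article describes the flaw on Windows
    if browser.strip().lower() != "chrome":
        return "check-vendor"        # Chromium-based; fixed build not given here
    parsed = parse_version(version)
    if parsed is None:
        return "verify-manually"     # unreadable version: do not assume patched
    # Tuple comparison is numeric per component, so 6998.99 < 6998.177.
    return "patched" if parsed >= FIXED_CHROME_WINDOWS else "update-required"


def triage_inventory(rows):
    """Map each host to its status."""
    return {host: triage(os_, browser, ver) for host, os_, browser, ver in rows}


if __name__ == "__main__":
    for host, status in triage_inventory(INVENTORY).items():
        print(f"{host}: {status}")
```

Comparing versions as integer tuples rather than strings matters here: a plain string comparison would rank build `.99` above `.177`.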
The cybersecurity community remains vigilant, collaborating globally to identify and address emerging threats. Meanwhile, the cat-and-mouse game between attackers and defenders continues. Same as it ever was.