Kaspersky Uncovers Critical Zero-Day Vulnerability in Google Chrome
Kaspersky has identified and helped patch a zero-day vulnerability in Google Chrome (CVE-2025-2783) that allowed attackers to bypass the browser’s sandbox protection.
Discovered by Kaspersky’s Global Research and Analysis Team (GReAT), the exploit required only a click on a malicious link to compromise systems. The attack, named “Operation ForumTroll,” targeted media, educational, and government institutions in Russia through phishing emails.
Kaspersky detected the attack in mid-March 2025, when users clicked on personalized phishing links that delivered malware without further user interaction. The company alerted Google, which released a security patch on March 25, 2025.
The exploit was part of a larger attack chain, including an unknown remote code execution exploit, suggesting the involvement of an Advanced Persistent Threat (APT) group focused on espionage.
Google credited Kaspersky for reporting the vulnerability, reinforcing the importance of collaboration in cybersecurity. Kaspersky continues investigating and has pledged to release a full technical report.
Security experts advise users to update Google Chrome and adopt a multi-layered security approach, including threat intelligence services, to protect against future exploits.
Discover more from TBC News
Subscribe to get the latest posts sent to your email.
