Google has released an urgent security update to patch a high-risk zero-day vulnerability in its Chrome browser that allowed attackers to bypass security protections.
The flaw, tracked as CVE-2025-2783, was discovered by Kaspersky’s Global Research and Analysis Team (GReAT) and was reportedly exploited in targeted cyberattacks against media organizations, government agencies, and educational institutions.
The vulnerability allowed attackers to escape Chrome’s sandbox security mechanism, making it possible to execute malicious code on users’ systems without triggering obvious warnings. Google has rolled out an update to address the flaw, and users are advised to update their browsers immediately.
Operation ForumTroll
According to Kaspersky, a sophisticated Advanced Persistent Threat (APT) group leveraged the vulnerability as part of an attack campaign dubbed “Operation ForumTroll.” This operation primarily targeted individuals in Russia, including journalists, academics, and government personnel.
Attackers used highly personalized phishing emails to lure victims into clicking on malicious links. These emails invited recipients to join the “Primakov Readings” forum, a legitimate geopolitical discussion platform. However, the phishing links quickly expired and redirected users to the real forum after executing the exploit in the background.
How the Exploit Worked
Unlike traditional malware attacks that rely on users downloading infected files, this exploit was particularly dangerous because:
- It required minimal user interaction; simply clicking the link was enough to trigger the exploit.
- It bypassed Chrome’s sandbox protections, allowing the malware to run on the victim’s machine.
- No visible malicious activity was immediately detected, making it difficult for victims to realize they had been compromised.
Boris Larin, Principal Security Researcher at Kaspersky GReAT, described the flaw as one of the most significant recent Chrome zero-days.
“This vulnerability stands out among the dozens of zero-days we’ve discovered over the years. It managed to completely disregard Chrome’s security boundaries without triggering any obvious malicious actions.”
How to Protect Yourself
Google has released a security patch for Chrome on Windows, and updates for other Chromium-based browsers (such as Edge and Brave) are expected soon. To stay protected:
Update Chrome Immediately
- Open Google Chrome.
- Click on the three-dot menu (top-right corner).
- Select Help > About Google Chrome.
- If an update is available, Chrome will install it automatically.
- Restart the browser to apply the update.
Be Cautious of Phishing Emails
- Avoid clicking on unexpected email links, even if they appear legitimate.
- Double-check email senders and URLs before interacting with links.
Enable Enhanced Safe Browsing
- Go to Chrome Settings > Privacy and Security > Safe Browsing.
- Select Enhanced Protection to receive real-time phishing and malware warnings.
This incident underscores the increasing sophistication of cyberattacks, particularly those targeting journalists, government employees, and researchers.
With phishing tactics becoming more targeted and deceptive, updating your browser and practicing cybersecurity awareness are crucial steps in staying protected.
Google is expected to release further technical details once enough users have updated their browsers. Until then, staying vigilant and proactive is the best defense against these evolving threats.