CVE-2025-2783

CVE-2025-2783 is a critical zero-day vulnerability discovered in Google Chrome’s Mojo component for Windows, actively exploited in a targeted espionage campaign. Dubbed “Operation ForumTroll,” attackers used phishing emails with malicious links to exploit the flaw, bypassing Chrome’s sandbox protections and enabling remote code execution. The attack targeted Russian media, educational, and government sectors. Google has since released a security patch in Chrome version 134.0.6998.177/.178 to mitigate the issue. CVE-2025-2783 is now listed in CISA’s Known Exploited Vulnerabilities Catalog. Users are strongly urged to update Chrome and exercise caution with suspicious emails to prevent compromise.

Google Chrome Zero-Day Vulnerability CVE-2025-2783 Actively Exploited – Here’s What You Need to Know

Ravi JainMarch 26, 2025

Google Chrome users are urged to immediately update their browsers due to a critical zero-day vulnerability, CVE-2025-2783, which is being actively exploited. This flaw in the Mojo framework for Windows allows attackers to bypass Chrome's security sandbox and execute malicious code. The vulnerability was leveraged in a targeted phishing campaign dubbed "Operation ForumTroll," believed to be the work of a state-sponsored APT group focusing on media, academic, and government entities in Russia. Google has released a patch in Chrome version 134.0.6998.177 for Windows to address this issue, emphasizing the importance of prompt user updates and proactive cybersecurity measures to mitigate such evolving threats. ... Read More

CVE-2025-2783

Google Chrome Zero-Day Vulnerability CVE-2025-2783 Actively Exploited – Here’s What You Need to Know

Technijian: IT Support And IT Services in Orange County, LA, Riverside, and San Diego

Don’t Settle For Less, Get More From Your IT Partner.

Boost Your Business with Technijian IT Support!

Orange County Office

Phone

Email