Google has released a security update to fix a critical Chrome zero-day vulnerability (CVE-2025-2783) that was actively exploited in cyber-espionage attacks.
The flaw, discovered by Kaspersky researchers Boris Larin and Igor Kuznetsov, allowed attackers to bypass Chrome’s sandbox protections and deploy malware against Russian media and education organizations.
The vulnerability, described as an “incorrect handle provided in unspecified circumstances in Mojo on Windows,” enabled threat actors to execute malicious code. Google patched the issue in Chrome version 134.0.6998.178 for Windows, rolling out updates globally. While updates may take days or weeks to reach all users, manual updates are available immediately.
Kaspersky’s analysis revealed that the exploit was used as part of a cyber-espionage campaign dubbed Operation ForumTroll, where phishing emails lured victims with invitations to a fake scientific forum. Attackers redirected users to a compromised domain, deploying sophisticated malware for intelligence gathering.
Google has yet to disclose the full details of the attacks, keeping information restricted until most users receive the patch. However, Kaspersky noted that a second exploit was used alongside CVE-2025-2783 to enable remote code execution, though the specifics remain unknown.
This is the first Chrome zero-day patched in 2025, following Google’s 10 fixes for similar vulnerabilities last year. Security researchers advise users to update their browsers immediately to mitigate potential threats.
