
Latest news with #CVE-2025-2783

Emergency Chrome security update amid cyber espionage threats

Fox News

01-04-2025

Google Chrome is the most popular browser in the world, and it is used by billions of people. However, its widespread usage also makes it a prime target for bad actors who exploit various methods, such as malicious extensions, phishing links and fake websites. The latest attack involves hackers exploiting a browser vulnerability to conduct espionage. Google has acknowledged the security flaw and has released an update to fix it.

Cybersecurity researchers at Kaspersky recently discovered a sophisticated cyber espionage campaign exploiting a previously unknown vulnerability in Google Chrome. The attack was triggered when victims unknowingly clicked on a phishing link in an email, launching a malicious site in their browser. Shockingly, no further action was required. Simply opening the link was enough to infect the system.

According to Kaspersky's report, the malware was based on a zero-day vulnerability, later identified as CVE-2025-2783. Researchers say they analyzed the exploit, reverse-engineered its logic and uncovered that it allowed attackers to bypass Chrome's built-in security features as if they didn't exist. The vulnerability exploited Chrome's inter-process communication framework, known as Mojo, which is crucial for the browser's functionality. This allowed the attackers to execute malicious code across different processes within Chrome, effectively bypassing its security measures.

"We have discovered and reported dozens of zero-day exploits actively used in attacks, but this particular exploit is certainly one of the most interesting we've encountered," Kaspersky noted. The cybersecurity team also highlighted the stealthy nature of the attack, which primarily targeted media professionals, educational institutions and government agencies. Dubbed "Operation ForumTroll," the campaign appeared to have espionage as its primary goal.

Once Kaspersky reported the vulnerability, Google released an emergency fix. The company has updated Chrome's Stable channel for Windows, with the update gradually rolling out to users over the next few days and weeks. Meanwhile, the Extended Stable channel has also been updated. As with most security updates, Google is keeping the details under wraps until the majority of users have installed the fix. This is a standard precaution to prevent other hackers from exploiting the flaw, while some users are still unprotected. If the bug also affects third-party software, Google will continue restricting details until those platforms release their own patches.

While the malware is affecting the Windows version of Google Chrome, it's a good idea for everyone who uses Google Chrome to update their browsers. Below, we've listed steps to update the browser on Windows and other devices. To learn more about how to update other browsers like Safari, see my guide here.

Windows

Settings may vary depending on your Android phone's manufacturer.

While updating Chrome should fix the vulnerability, below are some security tips you can follow to further bolster your privacy and security.

1) Have strong antivirus software: Hackers often gain access to devices by sending infected emails or documents or by tricking you into clicking a link that downloads malware. You can avoid all of this by installing strong antivirus software that will detect any potential threat before it can take over your device. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

2) Enable two-factor authentication (2FA): Many online accounts, including Google, offer two-factor authentication as an extra security measure. Enabling 2FA ensures that even if a hacker obtains your password, they still need a second form of verification, such as a code sent to your phone, to access your account. This simple step significantly reduces the chances of unauthorized access.

3) Use a secure password manager: A strong password is crucial, but remembering multiple complex passwords can be difficult. A password manager generates, stores and autofills strong passwords for your accounts, reducing the risk of password-related breaches. Avoid using the same password across different sites and always opt for long, unique passwords. Get more details about my best expert-reviewed password managers of 2025 here.

This incident serves as yet another reminder that even the most secure systems are never truly invulnerable, especially when state-backed or highly skilled actors are in play. While Google's quick response is commendable, it also highlights the never-ending cat-and-mouse game between security teams and cybercriminals. If you are using Chrome, update it now. Do you think Google is doing enough to protect users from security threats?

Google's Chrome Deadline—You Have 21 Days To Update Your Browser

Forbes

28-03-2025

Chrome is under attack—you have 21 days to update. Despite Microsoft's efforts to push users to the Edge, Chrome is the default browser for the vast majority of Windows users. All those users must now update Chrome, after Google warned that a new zero-day exploit has been found in the wild. An emergency update was released yesterday and needs to be installed immediately.

The vulnerability was discovered by Kaspersky this month, with its team warning of a 'wave of infections by previously unknown and highly sophisticated malware.' The attack comes via an email link and 'infection occurs immediately.' Beyond clicking the link, Kaspersky says, 'no further action was required to become infected.'

Now America's cyber defense agency has issued its own warning for users to update Chrome by April 17 'or discontinue use of the product' if they cannot. That mandate applies formally to any federal employee, but CISA's guidance should be followed by all organizations public and private, large and small. The agency's remit is 'to help every organization better manage vulnerabilities and keep pace with threat activity.'

Chrome's stable desktop version for Windows has been updated to 134.0.6998.177/.178 to patch CVE-2025-2783. Check for that update now, and once it has downloaded, make sure you restart your browser to install the fix. Reports suggest current attacks are highly targeted, but now it has been patched you can expect attacks to increase while they're still operable. As ever, a targeted exploit finds its way into other hands quickly.

Kaspersky says 'this particular exploit is certainly one of the most interesting we've encountered,' given that 'without doing anything obviously malicious or forbidden, it allowed the attackers to bypass Google Chrome's sandbox protection as if it didn't even exist.' And as far as attribution goes, Kaspersky says it can 'confidently conclude that a state-sponsored APT group is behind this attack.'

The current attacks chain this exploit with another that has not yet been fixed. But updating Chrome stops the attacks in any case.

Kaspersky discovers sophisticated Chrome zero-day exploit used in active attacks

Tahawul Tech

28-03-2025

Kaspersky has identified and helped patch a sophisticated zero-day vulnerability in Google Chrome (CVE-2025-2783) that allowed attackers to bypass the browser's sandbox protection system. The exploit, discovered by Kaspersky's Global Research and Analysis Team (GReAT), required no user interaction beyond clicking a malicious link and demonstrated exceptional technical complexity. Kaspersky researchers have been acknowledged by Google for discovering and reporting this vulnerability.

In mid-March 2025, Kaspersky detected a wave of infections triggered when users clicked personalised phishing links delivered via email. After clicking, no additional action was needed to compromise their systems. Once Kaspersky's analysis confirmed that the exploit leveraged a previously unknown vulnerability in the latest version of Google Chrome, Kaspersky swiftly alerted Google's security team. A security patch for the vulnerability was released on March 25, 2025.

Kaspersky researchers dubbed the campaign 'Operation ForumTroll', as attackers sent personalised phishing emails inviting recipients to the 'Primakov Readings' forum. These lures targeted media outlets, educational institutions, and government organisations in Russia. The malicious links were extremely short-lived to evade detection, and in most cases ultimately redirected to the legitimate website for 'Primakov Readings' once the exploit was taken down.

The zero-day vulnerability in Chrome was only part of a chain that included at least two exploits: a still-unobtained remote code execution (RCE) exploit that apparently launched the attack, while the sandbox escape discovered by Kaspersky constituted the second stage. Analysis of the malware's functionality suggests the operation was designed primarily for espionage. All evidence points to an Advanced Persistent Threat (APT) group.

'This vulnerability stands out among the dozens of zero-days we've discovered over the years', said Boris Larin, principal security researcher at Kaspersky GReAT. 'The exploit bypassed Chrome's sandbox protection without performing any obviously malicious operations – it's as if the security boundary simply didn't exist. The technical sophistication displayed here indicates development by highly skilled actors with substantial resources. We strongly advise all users to update their Google Chrome and any Chromium-based browser to the latest version to protect against this vulnerability'.

Google has credited Kaspersky for uncovering and reporting the issue, reflecting the company's ongoing commitment to collaboration with the global cybersecurity community and ensuring user safety.

Kaspersky continues to investigate Operation ForumTroll. Further details, including a technical analysis of the exploits and malicious payload, will be released in a forthcoming report once Google Chrome user security is assured. Meanwhile, all Kaspersky products detect and protect against this exploit chain and associated malware, ensuring users are shielded from the threat.

This discovery follows Kaspersky GReAT's previous identification of another Chrome zero-day (CVE-2024-4947), which was exploited last year by the Lazarus APT group in a cryptocurrency theft campaign. In that case, Kaspersky researchers found a type confusion bug in Google's V8 JavaScript engine that enabled attackers to bypass security features through a fake cryptogame website.

To safeguard against sophisticated attacks like these, Kaspersky security experts recommend implementing these key protective measures:

Ensure timely software updates: Regularly patch your operating system and browsers—especially Google Chrome—so attackers cannot exploit newly discovered vulnerabilities.

Adopt a multi-layered security approach: Along with endpoint protection, consider solutions like Kaspersky Next XDR Expert that leverage AI/ML to correlate data from multiple sources and automate detection and response against advanced threats and APT campaigns.

Leverage threat intelligence services: Up-to-date, contextual information—such as Kaspersky Threat Intelligence—helps you stay informed about emerging zero-day exploits and the latest attacker techniques.

Kaspersky discovers sophisticated Chrome zero-day exploit used in active attacks

Zawya

27-03-2025

Kaspersky has identified and helped patch a sophisticated zero-day vulnerability in Google Chrome (CVE-2025-2783) that allowed attackers to bypass the browser's sandbox protection system. The exploit, discovered by Kaspersky's Global Research and Analysis Team (GReAT), required no user interaction beyond clicking a malicious link and demonstrated exceptional technical complexity. Kaspersky researchers have been acknowledged by Google for discovering and reporting this vulnerability.

In mid-March 2025, Kaspersky detected a wave of infections triggered when users clicked personalized phishing links delivered via email. After clicking, no additional action was needed to compromise their systems. Once Kaspersky's analysis confirmed that the exploit leveraged a previously unknown vulnerability in the latest version of Google Chrome, Kaspersky swiftly alerted Google's security team. A security patch for the vulnerability was released on March 25, 2025.

Kaspersky researchers dubbed the campaign 'Operation ForumTroll', as attackers sent personalized phishing emails inviting recipients to the 'Primakov Readings' forum. These lures targeted media outlets, educational institutions, and government organizations in Russia. The malicious links were extremely short-lived to evade detection, and in most cases ultimately redirected to the legitimate website for 'Primakov Readings' once the exploit was taken down.

The zero-day vulnerability in Chrome was only part of a chain that included at least two exploits: a still-unobtained remote code execution (RCE) exploit that apparently launched the attack, while the sandbox escape discovered by Kaspersky constituted the second stage. Analysis of the malware's functionality suggests the operation was designed primarily for espionage. All evidence points to an Advanced Persistent Threat (APT) group.

'This vulnerability stands out among the dozens of zero-days we've discovered over the years,' said Boris Larin, principal security researcher at Kaspersky GReAT. 'The exploit bypassed Chrome's sandbox protection without performing any obviously malicious operations – it's as if the security boundary simply didn't exist. The technical sophistication displayed here indicates development by highly skilled actors with substantial resources. We strongly advise all users to update their Google Chrome and any Chromium-based browser to the latest version to protect against this vulnerability.'

Google has credited Kaspersky for uncovering and reporting the issue, reflecting the company's ongoing commitment to collaboration with the global cybersecurity community and ensuring user safety.

Kaspersky continues to investigate Operation ForumTroll. Further details, including a technical analysis of the exploits and malicious payload, will be released in a forthcoming report once Google Chrome user security is assured. Meanwhile, all Kaspersky products detect and protect against this exploit chain and associated malware, ensuring users are shielded from the threat.

This discovery follows Kaspersky GReAT's previous identification of another Chrome zero-day (CVE-2024-4947), which was exploited last year by the Lazarus APT group in a cryptocurrency theft campaign. In that case, Kaspersky researchers found a type confusion bug in Google's V8 JavaScript engine that enabled attackers to bypass security features through a fake cryptogame website.

To safeguard against sophisticated attacks like these, Kaspersky security experts recommend implementing these key protective measures:

Ensure timely software updates: Regularly patch your operating system and browsers—especially Google Chrome—so attackers cannot exploit newly discovered vulnerabilities.

Adopt a multi-layered security approach: Along with endpoint protection, consider solutions like Kaspersky Next XDR Expert that leverage AI/ML to correlate data from multiple sources and automate detection and response against advanced threats and APT campaigns.

Leverage threat intelligence services: Up-to-date, contextual information—such as Kaspersky Threat Intelligence—helps you stay informed about emerging zero-day exploits and the latest attacker techniques.

Google fixes Chrome zero-day security flaw used in hacking campaign targeting journalists

Yahoo

26-03-2025

Google said it has fixed a vulnerability in its Chrome browser for Windows that malicious hackers have used to break into victims' computers. In a brief note on Tuesday, Google said that it fixed the vulnerability, tracked as CVE-2025-2783, that was discovered by researchers at security firm Kaspersky earlier this month. Google said it was aware of reports that an exploit for the bug "exists in the wild." The bug is referred to as a zero-day because the vendor — in this case, Google — was given no time to fix the bug before it was exploited.

According to Kaspersky, the bug was exploited as part of a hacking campaign targeting Windows computers running Chrome. In a blog post, Kaspersky called the campaign "Operation ForumTroll," and said victims were targeted with a phishing email inviting them to a Russian global political summit. When a link in the email was clicked, victims were taken to a malicious website that immediately exploits the bug to gain access to the victim's PC data.

Kaspersky provided little detail about the bug at the time of the Chrome patch, but said that the bug allowed the attackers to bypass Chrome's sandbox protections, which limit the browser's access to other data on the user's computer. Kaspersky said the bug affects all other browsers based on Google's Chromium engine.

In a separate analysis, Kaspersky said the bug was likely used in an espionage campaign, typically designed to stealthily monitor and steal data from a target's device, usually over a period of time. The Russia-headquartered security firm said the hackers sent personalized phishing emails to Russian media representatives and employees at educational institutions. It's unclear who was exploiting the bug, but Kaspersky attributed the campaign to a likely state-sponsored or government-backed group of hackers.

Browsers like Chrome are a frequent target for malicious hackers and government-backed groups. Zero-day bugs capable of breaking through their protections and into the victim's sensitive device data can be sold at high prices. In 2024, one zero-day broker was offering up to $3 million for exploitable bugs that can be triggered from over the internet.

Google said Chrome updates will roll out over the coming days and weeks.
