Google Chrome Zero‑Day CVE‑2025‑2783 Exploited in “Operation ForumTroll“
In mid‑March 2025 attackers exploited a critical zero‑day vulnerability in Google Chrome tracked as CVE‑2025‑2783 to silently bypass the browser sandbox via a phishing link without any user interaction beyond clicking the link The campaign known as Operation ForumTroll used personalized phishing emails pretending to invite media professionals educators and government staff to the “Primakov Readings” forum and immediately installed espionage malware upon link activation Kaspersky detected the exploit chain including a sandbox escape and accompanying RCE exploit reported it to Google and the patch was released on March 25 2025
Reference: Kaspersky blog “Operation ForumTroll: APT attack with Google Chrome zero‑day exploit chain” (March 25, 2025)
https://thehackernews.com/2025/03/zero-day-alert-google-releases-chrome.html