
Google has fixed a critical zero-day vulnerability in its Chrome browser for Windows, which was being exploited by malicious hackers to break into victims’ computers.
The vulnerability, tracked as CVE-2025-2783, was discovered by researchers at Kaspersky earlier this month. Google has issued a patch and will roll out updates over the coming days and weeks to affected users.
According to Kaspersky, the bug was being exploited in a hacking campaign targeting journalists. The security firm called the campaign “Operation ForumTroll,” and stated that it involved phishing emails inviting recipients to a Russian global political summit. When victims clicked on the link, they were taken to a malicious website that immediately exploited the vulnerability to gain access to data on their PC.
The bug allows attackers to bypass Chrome’s sandbox protections, which are designed to limit the browser’s access to other data on the user’s computer. Kaspersky warned that all other browsers based on Google’s Chromium engine are also affected by this flaw.
Further analysis by Kaspersky suggests that the hack was likely part of an espionage campaign, aimed at stealthily monitoring and stealing data from targeted devices over a period of time. The firm attributed the attack to a state-sponsored or government-backed group of hackers.
The discovery highlights the importance of browser security in today’s digital landscape.
Source: https://techcrunch.com/2025/03/26/google-fixes-chrome-zero-day-security-flaw-used-in-hacking-campaign-targeting-journalists/