Google has patched a serious security flaw in its Chrome browser for Windows that was being actively exploited by hackers to infiltrate victims’ computers. The vulnerability, identified as CVE-2025-2783, was discovered earlier this month by cybersecurity researchers at Kaspersky, who linked it to a targeted phishing campaign known as “Operation ForumTroll.”
In a statement on Tuesday, Google confirmed it was aware that the bug was being exploited “in the wild,” classifying it as a zero-day — meaning attackers began using it before Google had a chance to issue a fix. The company has now released a security update to address the flaw.
According to Kaspersky, the exploit was used in a campaign that targeted Windows users running Chrome. Victims received phishing emails inviting them to a fake Russian political summit. Once they clicked a malicious link in the email, they were redirected to a compromised website that used the vulnerability to gain access to their devices.
Kaspersky said the attackers were able to bypass Chrome’s sandbox protections, a core security feature meant to isolate the browser from the rest of the system. This gave the attackers access to sensitive data on the victim’s PC. The bug also affects other browsers based on Google’s Chromium engine, such as Microsoft Edge, Opera, Brave, and many others.
The cybersecurity firm believes the operation was part of a broader espionage effort designed to silently monitor and extract information over time. The attackers reportedly targeted Russian media professionals and educational institutions, raising suspicions that a state-sponsored or government-backed hacking group was behind the operation.
Zero-day vulnerabilities in web browsers like Chrome are especially valuable due to their ability to compromise devices through common user actions such as clicking a link. According to industry reports, zero-day exploits that work remotely through the internet can sell for as much as $3 million.
Google has urged users to immediately update Chrome to the latest version to ensure protection against this vulnerability. Users of other Chromium-based browsers should also check for updates promptly.