Google Chrome encountered a critical zero-day vulnerability identified as CVE-2025-2783, being exploited through a campaign named Operation ForumTroll. Targeting various institutions, the flaw allowed attackers to escape Chrome’s sandbox, potentially enabling them to execute arbitrary code on victims' systems, with minimal interaction. Despite a prompt patch release in Chrome version 134.0.6998.177/.178, the situation posed espionage risks, likely attributed to an APT group's involvement. Organizations were urged to upgrade their browsers and enhance security protocols to prevent exploitation.
Source: https://cybersecuritynews.com/cisa-warns-of-google-chrome-zero-day/
"id": "goo058032925",
"linkid": "google-chrome",
"type": "Vulnerability",
"date": "3/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"