Google fixes Chrome zero-day security flaw used in hacking campaign targeting journalists

Google said it has fixed a vulnerability in its Chrome browser for Windows that malicious hackers have used to break into victims’ computers. In a brief note on Tuesday, Google said that it fixed the vulnerability, tracked as CVE-2025-2783, that was discovered by researchers at security firm Kaspersky earlier this month. Google said it was aware of reports that an exploit for the bug “exists in the wild.” The bug is referred to as a zero-day because the vendor — in this case, Google — was given no time to fix the bug before it was exploited. According to Kaspersky, the bug was exploited as part of a hacking campaign targeting Windows computers running Chrome. In a blog post, Kaspersky called the campaign “Operation ForumTroll,” and said victims were targeted with a phishing email inviting them to a Russian global political summit. When a link in the email was clicked, victims were taken to a malicious website that immediately exploits the bug to gain access to the victim’s PC data. ... Read full article.