<ul><li>A newly discovered Google Chrome zero day, identified as CVE-2025-2783, is actively being used in targeted attacks against specific organizations.</li><li>The vulnerability stems from a type confusion bug in Mojo, an inter-process communication system within Google Chrome, which allows attackers to escape the sandbox and achieve full system compromise.</li><li>The zero day exploit has been observed in attacks targeted at organizations in Russia, leading to the deployment of highly sophisticated malware for espionage purposes.</li><li>The security fix for this vulnerability is included in the latest version of Google Chrome: version 134.0.6998.177/.178 for Windows.</li></ul>

Chrome Users Targeted in Active Zero-Day Exploit Campaign

Discover more