MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
chrome
Search

Google Patches Chrome Sandbox Escape Zero-Day Caught By Kaspersky

Wednesday March 26, 2025. 11:00 AM , from Slashdot
Google Patches Chrome Sandbox Escape Zero-Day Caught By Kaspersky
wiredmikey shares a report from SecurityWeek: Google late Tuesday rushed out a patch for a sandbox escape vulnerability in its flagship Chrome browser after researchers at Kaspersky caught a professional hacking operation launching drive-by download exploits. The vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in what appears to be a nation-state sponsored cyberespionage campaign [dubbed Operation ForumTroll] targeting organizations in Russia.

Kaspersky said it detected a series of infections triggered by phishing emails in the middle of March and traced the incidents to a zero-day that fired when victims simply clicked on a booby-trapped website from a Chrome browser. The Russian anti-malware vendor said victims merely had to click on a personalized, short-lived link, and their systems were compromised when the malicious website was opened in Chrome. Kaspersky said its exploit detection tools picked up on the zero-day, and after reverse-engineering the code, the team reported the bug to Google and coordinated the fix released on Tuesday.

Read more of this story at Slashdot.
Read more at Slashdot
https://slashdot.org/story/25/03/26/0143210/google-patches-chrome-sandbox-escape-zero-day-caught-by-...

Related News

chrome Google Launches Sec-Gemini v1 AI Model To Improve Cybersecurity Defense SlashdotApr 4
kaspersky Google launches Sec-Gemini v1 AI model to improve cybersecurity defense BetaNewsApr 4
zero-day Google Cloud Next 2025: News and insights InfoWorldApr 4
google Google's NotebookLM AI Can Now 'Discover Sources' For You SlashdotApr 4
said The future of AI search is Google’s to lose ComputerWorldApr 3
caught From Slam Dunks to Salad-Making, Google’s Gemini Robots Are Coming for Everyday Life eWeekApr 2
sandbox Google adds end-to-end email encryption to Gmail ComputerWorldApr 2
escape Google fixes GCP flaw that could expose sensitive container images InfoWorldApr 2
its 14 handy hidden tricks for Google Maps on Android ComputerWorldApr 2
victims Apple belatedly patches actively exploited bugs in older OSes TheRegisterApr 2
browser DeepMind is Holding Back Release of AI Research To Give Google an Edge SlashdotApr 1
website Google makes end-to-end encrypted Gmail easy for all – even Outlook users TheRegisterApr 1
exploit RISC OS Open plots great escape from 32-bit purgatory TheRegisterApr 1
code Google To Pay $100 Million To Settle 14-Year-Old Advertising Lawsuit SlashdotMar 31
operation Honey Lost 4 Million Chrome Users After Shady Tactics Were Revealed SlashdotMar 31
chrome Traveling This Summer? Use Google’s New AI Trip Planning Tools to Create an Itinerary eWeekMar 31
kaspersky Google Sunsets Two Devices From Its Nest Smart Home Product Line SlashdotMar 30
zero-day Google Discontinues Nest Protect, and Apple’s WWDC Gets a Date—Here’s Your Gear News of the Week Wired: Tech.Mar 29
google Google introduces Gemini 2.5 reasoning models InfoWorldMar 29
said Again and Again, NSO Group's Customers Keep Getting Their Spyware Operations Caught SlashdotMar 28
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Current Date
Apr, Fri 18 - 21:45 CEST