The National Computer Emergency Response Team (NCERT) has released an urgent advisory about a serious security flaw in Google Chrome. This zero-day vulnerability, identified as CVE-2025-2783, is already being exploited by hackers in ongoing cyberattacks. The flaw poses a high risk to users, especially those in media, government, and educational sectors.
Cybersecurity experts have confirmed that this vulnerability is being used in targeted Advanced Persistent Threat (APT) campaigns, including one known as Operation ForumTroll. Hackers are taking advantage of the flaw to gain control of users’ systems simply by getting them to visit a malicious website.
How the Exploit Works
The CVE-2025-2783 vulnerability allows attackers to bypass Chrome’s sandbox security. Once a user clicks on a phishing link, the malicious site executes harmful code on the system without needing any further action. This is made possible by a logical flaw in the interaction between Chrome and the Windows operating system.
Once triggered, the vulnerability can lead to serious consequences, including remote code execution, unauthorized access to private data, and full system control. Security experts warn that this control allows hackers to install malware, move across networks, steal information, and even set up long-term surveillance tools.
Who is Being Targeted
This exploit is mainly targeting users who have not updated their browsers. All Chrome versions earlier than 134.0.6998.177/.178 for Windows are vulnerable. The phishing emails used in these attacks are cleverly disguised as legitimate event invitations, such as those for the Primakov Readings forum.
Victims include users working in sensitive environments, such as government agencies, newsrooms, universities, and other institutions that hold valuable information.
Possible Damage from the Attack
Once a system is compromised, attackers can perform several malicious actions. These include stealing login credentials, extracting confidential files, spreading the attack across the network, and installing backdoors for future access. In some cases, the attackers aim to conduct large-scale espionage and data theft operations.
These threats are not theoretical. Reports show that victims have already suffered data loss, malware infections, and unauthorized access to classified systems.
What Users Should Do
To protect against this threat, NCERT has listed several immediate steps for all users:
- Update Chrome immediately to version 134.0.6998.177 or later. This version was released on March 25, 2025, and includes the fix for CVE-2025-2783.
- Turn on Enhanced Safe Browsing in Chrome to increase protection against harmful sites.
- Use endpoint detection and response (EDR) software to monitor systems for suspicious activity.
- Isolate any systems showing signs of compromise and run a full forensic investigation.
- Restore devices from secure backups only after ensuring that no threats remain.
- Patch other related software that might be exploited in similar ways.
- Train employees to recognize phishing emails, especially those pretending to be event invites or official messages.
The Chrome zero-day exploit CVE-2025-2783 is a serious threat and is already being used in the wild. With attackers actively targeting users and organizations, taking immediate action is necessary. Updating your browser and reinforcing your cybersecurity defenses can prevent major losses.
This isn’t just a routine bug—it’s a high-risk vulnerability that could lead to stolen data, breached systems, and long-term damage. Act now to protect yourself and your network.