CVE-2025-2783
Published Mar 26, 2025
Last updated 19 days ago
AI description
CVE-2025-2783 is a vulnerability in Google Chrome specifically affecting Windows users. It is described as an "incorrect handle provided in unspecified circumstances in Mojo on Windows." Mojo is a collection of runtime libraries that facilitates inter-process communication (IPC). This vulnerability allowed attackers to bypass Chrome's sandbox protection. The vulnerability was exploited in the wild as part of a targeted attack dubbed "Operation ForumTroll," which targeted media outlets, educational institutions, and government organizations in Russia. The attack involved phishing emails with malicious links that, when clicked in Chrome, led to immediate infection. The exploit was designed to work with another exploit that enabled remote code execution, although the second exploit was not obtained by researchers. Google has addressed this vulnerability in Chrome version 134.0.6998.177/.178 for Windows.
- Description
- Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
- Products
- chrome
CVSS 3.1
- Type
- Secondary
- Base score
- 8.3
- Impact score
- 6
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Google Chromium Mojo Sandbox Escape Vulnerability
- Exploit added on
- Mar 27, 2025
- Exploit action due
- Apr 17, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
🛡️ Nuestros investigadores han descubierto que el grupo APT ForumTroll y la empresa italiana Memento Labs (antes HackingTeam) utilizaban la misma herramienta maliciosa llamada LeetAgent. Esta herramienta combinaba un exploit de día-cero en Chrome (CVE-2025-2783) con un spy
@KasperskyES
6 Nov 2025
260 Impressions
1 Retweet
3 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-2783 (Chrome zero-day vulnerability) : Italian-made spyware Dante linked to Chrome zero-day exploitation campaign #Operation_ForumTroll, #Spyware_Dante Italian company Memento Labs (formerly Hacking Team) Comeback. https://t.co/28rvm41rBN
@huseyin_yu63956
4 Nov 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New 'Dante' spyware by Memento Labs, formerly Hacking Team, used in Operation ForumTroll with Chrome zero-day vulnerability (CVE-2025-2783) #cybersecurity @HackRead https://t.co/qeZlxt4CTe
@not2cleverdotme
4 Nov 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 New 'Dante' spyware by Memento Labs, linked to Hacking Team, used Chrome zero-day vulnerability (CVE-2025-2783) in Operation ForumTroll attack campaign. https://t.co/qeZlxt4CTe
@not2cleverdotme
3 Nov 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-2783 (Chrome zero-day vulnerability) : Italian-made spyware Dante linked to Chrome zero-day exploitation campaign #Operation_ForumTroll, #Spyware_Dante Italian company Memento Labs (formerly Hacking Team) Comeback. https://t.co/uvcdv8qK0K https://t.co/pqO3dhUtgH
@freedomhack101
3 Nov 2025
60 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 MALWARE, RANSOMWARE Y VULNERABILIDADES: Semana 27 OCT – 2 NOV 2025 🚨 La red arde: exploits, spyware, IA fuera de control y corporaciones tambaleando entre despidos masivos y fallos catastróficos. 👇 ⚠️ Kaspersky revela un día cero en Chrome (CVE-2025-2783) usad
@MineryReport
3 Nov 2025
72 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
3 Nov 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
2 Nov 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Phishing link → WebGPU decrypt → Shellcode injection → COM hijack for persistence. Deploys Dante spyware (successor to RCS(Hacking Team), now Memento Labs) + custom LeetAgent for keylogging, file theft. Exploits: Zero-days CVE-2025-2783 (Chrome sandbox escape) & Phi
@minacrissDev_
31 Oct 2025
556 Impressions
0 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
Discover how Kaspersky uncovered the ForumTroll APT using the Italian-made Dante spyware by Memento Labs (ex-Hacking Team), exploiting a Chrome zero-day (CVE-2025-2783) in targeted espionage campaigns against Russian orgs. A chilling return of a notorious spyware legacy! https://
@ActuseaDir
30 Oct 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
URGENT: Active zero-day exploits targeting Chrome (CVE-2025-2783) and Microsoft's Chakra engine via IE mode have been identified. These can lead to remote code execution and spyware installation. Patch your systems and browsers immediately to mitigate risk. #CyberSecurity https:/
@RoelofMol
30 Oct 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chrome Zero-Day kihasználásával fertőz a LeetAgent kémprogram A Kaspersky kutatói olyan támadássorozatot tártak fel, amelyben a Google Chrome egy addig ismeretlen, azóta javított biztonsági hibáját (CVE-2025-2783) használták fel célzott kiberkémkedési művelet
@linuxmint_hun
29 Oct 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
💻 Chrome zero-day CVE-2025-2783 exploited by "Mem3nt0 mori" APT in espionage campaign! Attacks targeted Russia & Belarus, deploying LeetAgent spyware via phishing links. #ZeroDay #Chrome #APT #Spyware #Infosec 🔗 https://t.co/UtgUBq3cQt
@NetSecIO
29 Oct 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Today’s cyber brief (Oct 29): 💠 MedImpact ransomware (Qilin) → prep PHI comms. 💠 DELMIA Apriso added to CISA KEV → patch & hunt. 💠 Tomcat CVE-2025-55752 (path traversal) → disable 💠 PUT + update. Chrome 0-day CVE-2025-2783 (Dante/LeetAgent) → force
@TrescudoCyber
29 Oct 2025
90 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ Nuevo caso de espionaje digital: un fallo en Chrome permitió instalar spyware desde Italia Kaspersky reveló que un grupo de espionaje explotó una vulnerabilidad crítica en Google Chrome (CVE-2025-2783) para instalar LeetAgent. Es un spyware desarrollado por la empre
@CycuraMX
29 Oct 2025
1604 Impressions
12 Retweets
25 Likes
6 Bookmarks
0 Replies
0 Quotes
El spyware Dante está vinculado a una campaña de día cero de explotación en Chrome. Google parchó una vulnerabilidad día Jero de Chrome (CVE-2025-2783) que fue usada para instalar el spyware LeetAgent. #ciberseguridad #cybersecurity https://t.co/5rSiyK5wI0 https://t.co/Qs8
@EHCGroup
28 Oct 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chrome Under Attack: Hackers Exploit Zero-Day Vulnerability! A new Google Chrome zero-day (CVE-2025-2783) has recently been exploited to deliver the advanced LeetAgent spyware via malicious phishing links — enabling attackers to break browser sandbox protections and take full
@ChbibAnas
28 Oct 2025
23 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Alerta de Ciberseguridad Nuestro SOC detectó la explotación activa de una vulnerabilidad crítica en Google Chrome (CVE-2025-2783) usada para distribuir spyware. ⚠️ Actualiza de inmediato a la última versión. #Ciberseguridad #CompuNet #Chrome #CVE20252783 https://t.c
@CompunetChile
28 Oct 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Chrome Zero-Day (CVE-2025-2783) Used to Deliver Spyware – Are You at Risk? Read the full report on - https://t.co/R6013QrjV6 https://t.co/6ItCkjKapb
@Iambivash007
28 Oct 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Alert: Kaspersky found Operation ForumTroll using personalized phishing emails to exploit CVE-2025-2783, a Chrome sandbox escape flaw. Attackers deploy "Dante" spyware by Memento Labs on Russian entities. Stay vigilant: check for Base64 folders in %LocalAppData%, bolster ema
@bigmacd16684
28 Oct 2025
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
„Google Chrome“ naršyklėje jau ištaisytas „nulinių dienų“ pažeidžiamumas CVE-2025-2783 buvo aktyviai išnaudojamas platinant šnipinėjimo įrankius, sukurtus Italijos įmonės „Memento Labs“ https://t.co/xcoQ1Ziw2d
@grigaliunas
28 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Chromeのゼロデイ脆弱性CVE-2025-2783の悪用により、イタリア企業Memento Labs製スパイウェアが配布されていたことが判明した。攻撃は「Operation ForumTroll」と呼ばれ、主にロシアの政府・研究機関・金融機関など
@yousukezan
28 Oct 2025
1932 Impressions
2 Retweets
18 Likes
5 Bookmarks
0 Replies
0 Quotes
Cyber chaos unfolds: massive breaches, sophisticated scams, zero-days, and sprawling fraud rings dominate in the last hour. Here’s what you need to know 🔥👇 🕵️♂️ Zero-day exploit CVE-2025-2783 actively abused in Google Chrome sandbox by espionage-linked threat
@np_cyber_news
28 Oct 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Chrome zero-day CVE-2025-2783 (CVSS 8.3) exploited to deliver #LeetAgent spyware via sandbox-escape RCE. Targets include media, research, and gov entities in Russia/Belarus. LeetAgent shows overlaps with Dante/TaxOff tooling for modular espionage. https://t.co/LvGmpYbOXB
@MeridianEU
28 Oct 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📌 استُغل ثغرة أمنية غير مُكتشفة في جوجل كروم، التي تم تصحيحها لاحقاً، لتوزيع برنامج التجسس LeetAgent من شركة Memento Labs الإيطالية، حسبما أفادت كاسبرسكي. الثغرة C
@Cybercachear
28 Oct 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔒 افشای حمله هدفمند با بهرهگیری از باگ #Chrome 🔍 جاسوسافزار LeetAgent ساخت شرکت ایتالیایی Memento Labs در پشت حملات اخیر قرار دارد. 🎯 این بدافزار از نقص امنیتی CVE-2
@vulnerbyte
28 Oct 2025
28 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
⚠️ ALERT: A Chrome zero-day (CVE-2025-2783) was exploited to deliver spyware built by Memento Labs — the firm behind past government surveillance tools. One click in Chromium = full sandbox escape. Read this → https://t.co/aTkSq0QITK
@TheHackersNews
28 Oct 2025
29649 Impressions
94 Retweets
215 Likes
50 Bookmarks
2 Replies
4 Quotes
The Hacking Team is back. GReAT's Boris Larin reveals at #TheSAS2025 how Memento Labs’ Dante spyware was linked to Operation ForumTroll — a campaign exploiting a Chrome 0-day (CVE-2025-2783). 🔗 Read the full story on Securelist: https://t.co/OModvY795d #CyberSecurity #AP
@kaspersky
27 Oct 2025
1509 Impressions
6 Retweets
22 Likes
3 Bookmarks
0 Replies
0 Quotes
برای مرورگر کروم آسیب پذیری با کد شناسایی CVE-2025-2783 منتشر شده است. برای امن سازی به نسخه Chrome 134 به روز رسانی نمایید. https://t.co/vlBgMReIh7 https://t.co/ENe9N6sbSB
@EthicalSafe
27 Oct 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Operation ForumTroll: A new cyber-espionage wave hits Russia & Belarus. 💠 Zero-day exploit (CVE-2025-2783) bypassed Chrome sandbox 💠 LeetAgent → Dante spyware chain 💠 Commercial spyware linked to private surveillance tech A glimpse into the darker side of com
@TechNadu
27 Oct 2025
80 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A bombshell start to #TheSAS2025 — @oct0xor shares details of the new commercial #spyware, Dante, developed by Memento Labs (better known by its former name, Hacking Team). The malware infection began with the exploitation of CVE-2025-2783 in #Chrome, a strange new bug class. h
@TheSAScon
27 Oct 2025
3309 Impressions
5 Retweets
24 Likes
5 Bookmarks
0 Replies
2 Quotes
First talk in #TheSAS2025 talk, Zero Day in Chrome: CVE-2025-2783 https://t.co/RHQI7QJBEY
@revers3vrything
27 Oct 2025
4134 Impressions
6 Retweets
55 Likes
13 Bookmarks
2 Replies
0 Quotes
The return of Hacking Team – a first look at the Dante malware Kaspersky GReAT researchers have reconstructed the infection chain used in ForumTroll APT attacks targeting Russian organizations. Short-lived web pages exploiting the Chrome zero-day CVE-2025-2783 delivered the h
@kaspersky
27 Oct 2025
1656 Impressions
0 Retweets
13 Likes
1 Bookmark
0 Replies
1 Quote
CVE-2025-2783 is a high-severity Chrome Mojo IPC sandbox-escape vulnerability (CVSS 8.8) exploited in espionage campaigns—update Chrome/Edge ASAP. https://t.co/FjQwmVSUoL #CVE #CommonVulnerabilities #sandboxescape #phishing #ZeroDay #Vulnerability #Exploit #CyberThreats
@SarahCross80725
21 Aug 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#CyberSecurity #VulnerabilityReport Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign https://t.co/jJPI7Oh2bL
@Komodosec
23 Jul 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor #CISO https://t.co/bYPwB1wm8j https://t.co/zzIOB1fOrS
@compuchris
22 Jul 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor https://t.co/iigqo6NIGP #CyberSecurity #ZeroDay #GoogleChrome #CVE20252783 #CyberThreats https://t.co/UlKN5dNVbO
@blueteamsec1
19 Jul 2025
823 Impressions
0 Retweets
7 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2025-2783: Google Chrome Zero-Day Exploit Publicly disclosed: March 26, 2025 Affected software: Google Chrome Severity: Critical This zero-day vulnerability allowed attackers to bypass Chrome's sandbox protections, enabling them to execute malicious code on affected systems.
@0dXa1
4 Jul 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
3 Replies
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
30 Jun 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
28 Jun 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-2783 exploited! Update Chrome ➜ 136.0.7104.90+, restart, done. Instrukcja ➡ https://t.co/FhqxdKSt6l #Chrome #ZeroDay #Bezpieczeństwo
@PointZeroPL
25 Jun 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
23 Jun 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
23 Jun 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Urgent! Google Chrome zero-day CVE-2025-2783 is being exploited by TaxOff to deploy the Trinper backdoor. Update your Chrome browser ASAP to stay protected! #Chrome #ZeroDay #Security #Cybersecurity #ThreatIntel #TaxOff #Trinper #BrowserSecurity https://t.co/SZQuH4f4qx
@xcybersecnews
22 Jun 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
22 Jun 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
21 Jun 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
21 Jun 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor. The initial attack vector was a phishing email containing a malicious link. https://t.co/8Jdb4kGDi4 https://t.co/1yePy2GJTM
@riskigy
21 Jun 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Alert: TaxOff hits Chrome with a CVE-2025-2783 zero-day vulnerability, deploying the Trinper backdoor. Stay updated to protect your data. More on this new breach 👇 #Cybersecurity #ZeroDay #ChromeSecurity https://t.co/X7rsZNHHwe
@CyberExpertsUS
19 Jun 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
19 Jun 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55EB6B03-2E87-4B74-A41D-1A48BAFDC687",
"versionEndExcluding": "134.0.6998.177"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]