CVE-2025-2783
Published Mar 26, 2025
Last updated 4 months ago
AI description
CVE-2025-2783 is a vulnerability in Google Chrome specifically affecting Windows users. It is described as an "incorrect handle provided in unspecified circumstances in Mojo on Windows." Mojo is a collection of runtime libraries that facilitates inter-process communication (IPC). This vulnerability allowed attackers to bypass Chrome's sandbox protection. The vulnerability was exploited in the wild as part of a targeted attack dubbed "Operation ForumTroll," which targeted media outlets, educational institutions, and government organizations in Russia. The attack involved phishing emails with malicious links that, when clicked in Chrome, led to immediate infection. The exploit was designed to work with another exploit that enabled remote code execution, although the second exploit was not obtained by researchers. Google has addressed this vulnerability in Chrome version 134.0.6998.177/.178 for Windows.
- Description
- Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. (Chromium security severity: High)
- Source
- chrome-cve-admin@google.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 8.3
- Impact score
- 6
- Exploitability score
- 1.6
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Google Chromium Mojo Sandbox Escape Vulnerability
- Exploit added on
- Mar 27, 2025
- Exploit action due
- Apr 17, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
#CyberSecurity #VulnerabilityReport Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign https://t.co/jJPI7Oh2bL
@Komodosec
23 Jul 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor #CISO https://t.co/bYPwB1wm8j https://t.co/zzIOB1fOrS
@compuchris
22 Jul 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor https://t.co/iigqo6NIGP #CyberSecurity #ZeroDay #GoogleChrome #CVE20252783 #CyberThreats https://t.co/UlKN5dNVbO
@blueteamsec1
19 Jul 2025
823 Impressions
0 Retweets
7 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2025-2783: Google Chrome Zero-Day Exploit Publicly disclosed: March 26, 2025 Affected software: Google Chrome Severity: Critical This zero-day vulnerability allowed attackers to bypass Chrome's sandbox protections, enabling them to execute malicious code on affected systems.
@0dXa1
4 Jul 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
3 Replies
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
30 Jun 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
28 Jun 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-2783 exploited! Update Chrome ➜ 136.0.7104.90+, restart, done. Instrukcja ➡ https://t.co/FhqxdKSt6l #Chrome #ZeroDay #Bezpieczeństwo
@PointZeroPL
25 Jun 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
23 Jun 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
23 Jun 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨 Urgent! Google Chrome zero-day CVE-2025-2783 is being exploited by TaxOff to deploy the Trinper backdoor. Update your Chrome browser ASAP to stay protected! #Chrome #ZeroDay #Security #Cybersecurity #ThreatIntel #TaxOff #Trinper #BrowserSecurity https://t.co/SZQuH4f4qx
@xcybersecnews
22 Jun 2025
51 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
22 Jun 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
21 Jun 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
21 Jun 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor. The initial attack vector was a phishing email containing a malicious link. https://t.co/8Jdb4kGDi4 https://t.co/1yePy2GJTM
@riskigy
21 Jun 2025
59 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Alert: TaxOff hits Chrome with a CVE-2025-2783 zero-day vulnerability, deploying the Trinper backdoor. Stay updated to protect your data. More on this new breach 👇 #Cybersecurity #ZeroDay #ChromeSecurity https://t.co/X7rsZNHHwe
@CyberExpertsUS
19 Jun 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
19 Jun 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
18 Jun 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Google Chrome Zero-Day CVE-2025-2783 Exploited By TaxOff To Deploy Trinper Backdoor - https://t.co/4SfPcZbLp4 #thn #infosec
@mwyres
18 Jun 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
"The initial attack vector was a phishing email containing a malicious link. When the victim clicked the link, it triggered a one-click exploit (CVE-2025-2783), leading to the installation of the Trinper backdoor employed by TaxOff." https://t.co/wN7YLPVKrp @ptsecu
@xvonfers
18 Jun 2025
227 Impressions
0 Retweets
1 Like
3 Bookmarks
0 Replies
0 Quotes
🗞️ A critical zero-day vulnerability (CVE-2025-2783) in Google Chrome has been actively exploited by the TaxOff threat actor. This sophisticated campaign uses phishing emails to deploy the Trinper backdoor, primarily targeting government agencies. Key takeaways: 🧵 https:
@gossy_84
18 Jun 2025
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#Google_Chrome #Zero_Day CVE-2025-2783 #Exploited by #TaxOff to Deploy #Trinper_Backdoor https://t.co/Kk8Kwn8Uxw https://t.co/NE8V9WFd6i
@omvapt
18 Jun 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📢 GÜVENLİK DUYURUSU – Google Chrome Zero-Day Açığı (CVE-2025-2783) Google, Chrome tarayıcısında aktif olarak istismar edilen kritik bir zero-day güvenlik açığı (CVE-2025-2783) tespit etti ve bu açığı kapatan acil bir güncelleme yayımladı. Trinper isimli
@GMDestekMerkezi
18 Jun 2025
37 Impressions
2 Retweets
7 Likes
0 Bookmarks
0 Replies
0 Quotes
おはようございます Google Chromeでゼロデイ攻撃が発見されました。 特定のリンクを踏むと自動的にバックドアの作成が可能となる脆弱性のようです。 CVE-2025-2783に該当するバージョンを使ってないか確認して
@altelab8
18 Jun 2025
36 Impressions
0 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
Unpopular opinion: Google Chrome having ANOTHER zero-day exploit (CVE-2025-2783) is exactly why we need browser diversity 🔒 Everyone using the same browser = everyone vulnerable to the same attacks Firefox, Safari, Edge users sitting pretty right now while Chrome users https
@tosino007
18 Jun 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️Un clic en Google Chrome puede abrir la puerta a un espía fiscal Así pasó con una falla de Chrome (CVE-2025-2783). Integrantes del grupo TaxOff usaron para colar un backdoor llamado Trinper en sistemas corporativos… Y todo con un simple correo de phishing. ⚠
@CycuraMX
18 Jun 2025
855 Impressions
10 Retweets
21 Likes
5 Bookmarks
0 Replies
0 Quotes
the Threat Intelligence Department of the Positive Technologies Expert Security Center (PT ESC) analyzed an attack that exploited a Google Chrome zero-day vulnerability (sandbox escape), which was registered around the same time and has since been tracked as CVE-2025-2783
@ngnicky
17 Jun 2025
166 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Google Chrome vulnerability CVE-2025-2783 exploited by TaxOff to deploy Trinper backdoor via phishing, stealing data and keystrokes. Advanced multithreaded malware targets Russian orgs. 🕵️♂️ #TaxOff #Russia #Cyberattack https://t.co/B7JIQVSRF4
@TweetThreatNews
17 Jun 2025
114 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor https://t.co/ZPwDU43YBB #generalsecurity #feedly
@int_csm
17 Jun 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A Chrome zero-day (CVE-2025-2783) was used in a live attack to drop a stealthy backdoor. The hacker group TaxOff tricked targets with fake forum invites—one click, full compromise.
@Aizendcom
17 Jun 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor https://t.co/MGzN0QL1Gl https://t.co/PVmmzP5P0E
@talentxfactor
17 Jun 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-2783, Russian targets hit via phishing. Urges update to latest Chrome version. Check details: https://t.co/YC9MvtreFI #Cybersecurity #ChromeSecurity
@Hack3rBot
17 Jun 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The Hacker News - Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor https://t.co/Tr146Nb4xE
@buzz_sec
17 Jun 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A Chrome zero-day (CVE-2025-2783) was used in a live attack to drop a stealthy backdoor. The hacker group TaxOff tricked targets with fake forum invites—one click, full compromise. https://t.co/IN7YHaHhJl
@gierek_grzegorz
17 Jun 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor https://t.co/Pw754H89aL
@TheCyberSecHub
17 Jun 2025
1495 Impressions
4 Retweets
11 Likes
1 Bookmark
2 Replies
0 Quotes
🚨 A Chrome zero-day (CVE-2025-2783) was used in a live attack to drop a stealthy backdoor. The hacker group TaxOff tricked targets with fake forum invites—one click, full compromise. Here’s how the Trinper malware quietly hijacked systems ↓ https://t.co/t1sn34v15N
@TheHackersNews
17 Jun 2025
23553 Impressions
94 Retweets
205 Likes
59 Bookmarks
2 Replies
4 Quotes
🚨 Google Chrome 0-Day Vulnerability Exploited by APT Hackers in the Wild Read more: https://t.co/Lgl5FWZGFU A sophisticated attack campaign exploiting a Google Chrome zero-day vulnerability tracked as CVE-2025-2783, marking yet another instance of advanced persistent threat
@The_Cyber_News
17 Jun 2025
908 Impressions
8 Retweets
20 Likes
6 Bookmarks
0 Replies
0 Quotes
Google Chromeのゼロデイ脆弱性CVE-2025-2783が発見され、APTグループ「Team46(別名TaxOff)」によるサイバー諜報活動で悪用されている。この脆弱性はChromeのMojoコンポーネントに存在し、サンドボックスの回避を可能
@yousukezan
17 Jun 2025
3970 Impressions
6 Retweets
39 Likes
9 Bookmarks
0 Replies
0 Quotes
Team46 (TaxOff) exploits Chrome zero-day (CVE-2025-2783) in a sophisticated phishing campaign using obfuscated malware loaders like Trinper. The operation, active since 2024, highlights advanced evasion tactics. 🕵️♂️ #China #ZeroDay https://t.co/Ba1TgAPGPg
@TweetThreatNews
17 Jun 2025
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
In March 2025, TaxOff exploited Chrome zero-day CVE-2025-2783 with phishing emails to deploy the Trinper backdoor. Strong links tie TaxOff and Team46 via tactics, malware, and attack methods. 🔍 #ThreatGroup #ChromeExploit #US https://t.co/fBoOvbDPh0
@TweetThreatNews
16 Jun 2025
64 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Operación #ForumTroll: un ataque #APT altamente sofisticado 🚨 Nuestros expertos del GReAT han identificado un ciberataque dirigido que aprovechaba una vulnerabilidad de día cero en #Chrome (CVE-2025-2783). Más detalles en nuestro blog. 🔗 https://t.co/GCOveD36Di
@EChavarro
16 Jun 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Chrome's May update (versions 136.0.7103.113/.114) patches critical vulnerabilities, including actively exploited CVE-2025-4664 and the year's first zero-day CVE-2025-2783. Enjoy improved performance and new features! 🚀 #BrowserUpdate #SecurityAl… https://t.co/l2Rux7U
@TweetThreatNews
16 May 2025
85 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Chrome users targeted in cyber-espionage via zero-day flaw (CVE-2025-2783). Update now, avoid phishing links, and enable enhanced security. #CyberSecurity https://t.co/1P9TNC5Zw1
@RelianceInfoSys
9 May 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-2783怖いな Electron使ってるやつあるから変えないとか…?
@ulong32
30 Apr 2025
139 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨NSOC Advisory🚨Chrome Zero-Day Patched: CVE-2025-2783 lets attackers escape the sandbox on Chrome < 134.0.6998.177 via a malicious file update to 134.0.6998.177+ immediately, enforce auto-updates via GPO/MDM, and tighten extension & EDR policies to prevent drive-by
@cirtgovjm
30 Apr 2025
207 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-2783 やばいなぁ。Chromium ベースのブラウザや Electron 系の UI は更新せんとまずいよ。
@mattn_jp
30 Apr 2025
26466 Impressions
48 Retweets
166 Likes
61 Bookmarks
0 Replies
4 Quotes
Google Chromeに重大な脆弱性(CVE-2025-2783)が発見された。これはV8 JavaScriptエンジンのメモリ破損に起因し、攻撃者がサンドボックスを脱出してOSにアクセスできる恐れがあるものである。
@yousukezan
29 Apr 2025
32676 Impressions
154 Retweets
390 Likes
136 Bookmarks
0 Replies
3 Quotes
🚨 New Chrome 0-day (CVE-2025-2783) lets attackers escape the sandbox via a flaw in Mojo IPC on Windows. Used in "Operation ForumTroll" to hit Russian media/gov orgs. ⚠️ CVSS 8.8 – Full system compromise via phishing/malicious sites. https://t.co/zg1a99JFxl
@CareWeDoNot
29 Apr 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-2783 Deep Dive Analysis https://t.co/baabN8FUfv
@Dinosn
29 Apr 2025
2890 Impressions
6 Retweets
36 Likes
13 Bookmarks
0 Replies
0 Quotes
Attention all users of Chromium-based browsers! A serious vulnerability, CVE-2025-2783, has been discovered that allows attackers to bypass browser security. This flaw affects popular browsers like Chrome, Edge, and Brave. Update to version 134.0.6998.178 or later. https://t.co/H
@The4n6Analyst
20 Apr 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-2783
@transilienceai
17 Apr 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55EB6B03-2E87-4B74-A41D-1A48BAFDC687",
"versionEndExcluding": "134.0.6998.177"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]