From PC Mag: Google has patched a previously unknown vulnerability in the Chrome browser that was used to deliver spyware to Russian users.
The zero-day vulnerability, dubbed CVE-2025-2783, created an attack that could infect a Windows PC if the user clicked on a malicious link, according to antivirus provider Kaspersky, which discovered the threat.
"In mid-March 2025, Kaspersky detected a wave of infections triggered when users clicked personalized phishing links delivered via email,” the company said. “After clicking, no additional action was needed to compromise their systems.”
The flaw involves "a logical error at the intersection of Google Chrome’s sandbox and the Windows operating system"—the Mojo programming language for Windows, Kaspersky added in a blog post.
View: Full Article
