Synopsis
A critical security flaw in Google Chrome, CVE-2025-2783, put users at risk of cyberattacks. Attackers exploited this vulnerability through phishing emails and malicious links, bypassing Chrome's security safeguards. Users are urged to update their browsers immediately to mitigate the risk.
A major security flaw in the Google Chrome browser has put media outlets, government agencies, and educational institutions at risk of cyberattacks. The vulnerability was found by Kaspersky's Global Research and Analysis Team (GReAT) and was assigned the identifier CVE-2025-2783. Once a victim clicked on a malicious link, it enabled attackers to get around Chrome's security safeguards without the user having to do anything else.
According to reports, the FBI has stepped up its warnings against fraudulent online document converters, showing that customers are still falling for this growing cybersecurity risk. The agency has described how hackers are stealing user data, such as passwords and financial information, by creating phoney websites. It claims that hackers are conducting cyberattacks by taking advantage of search engines.
How did hackers exploit the flaw?
Kaspersky claims that a cybercriminal organisation made use of this vulnerability as part of a campaign called "Operation ForumTroll." Attackers invited Russian targets to join the "Primakov Readings" forum using phishing emails. The URLs in the emails were functional at first, but they eventually led people to the actual forum, making the attack more difficult to identify. The exploit's true threat was its capacity to get past Chrome's sandbox protection, a security measure meant to stop malicious files from impacting the system as a whole. The exploit operated covertly in the background after the victim clicked the link, giving hackers unauthorised access.
Citing an FBI spokesperson, Bleeping Computer said that scammers employ sophisticated tactics to cheat users: “The scammers try to imitate legitimate URLs, so changing just one letter, or 'INC' instead of 'CO',” according to FBI Denver Public Affairs Office spokesperson Vikki Migoya. Search engine algorithms that commonly show sponsored results at the top of search pages—many of which may be fraudulent—exacerbate the issue.
How to stay safe from cyberattacks
Chrome users should upgrade their browser right now to guard against this issue. Windows users can already download the update, and updates for other Chromium-based browsers should be available soon. Users can check for updates by selecting Settings > About Chrome. If an update is available, the most recent version will download instantly.
Security professionals advise users to:
- Before utilising any online conversion tool, carefully check URLs.
- Steer clear of free advertisements that show up at the top of search results.
- Before using any file converting service, do your homework and read reviews.
- Ideally, stay away from online document converters completely and stick with well-known programs and platforms instead.
Updating software is essential to preventing cyberattacks since these threats are always changing.
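The URL check advised above can be partly automated. The following is an added example, not part of the original article: it compares a link's hostname against a short list of sites the user trusts and flags the two tricks the FBI spokesperson describes, a one-character change and a swapped business word such as "inc" for "co". The trusted hostnames, the word list and all function names are constructed for illustration, and the name comparison is naive (it does not consult a public-suffix list).

```python
from urllib.parse import urlsplit

# Constructed allowlist of sites the user actually intends to visit (assumption).
KNOWN_GOOD = frozenset({"convertdocsco.example", "pdftools.example"})
# Business words that scammers may swap at the end of a name (assumption).
BUSINESS_WORDS = ("inc", "co", "llc", "ltd")

def host_of(url):
    """Return the lower-cased hostname without a leading 'www.'."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host

def within_one_edit(a, b):
    """True if a and b differ by exactly one substitution, insertion or deletion."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    if len(a) > len(b):
        a, b = b, a
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1
    if len(a) == len(b):
        return a[i + 1:] == b[i + 1:]   # one substituted character
    return a[i:] == b[i + 1:]           # one extra character in b

def stem(host):
    """First label of the hostname with a trailing business word removed."""
    label = host.split(".", 1)[0]
    for word in BUSINESS_WORDS:
        if label.endswith(word) and len(label) > len(word):
            return label[: -len(word)].rstrip("-")
    return label

def classify(url, known_good=KNOWN_GOOD):
    """Return (verdict, matched_trusted_host) for a URL."""
    host = host_of(url)
    if not host:
        return ("invalid", None)
    if host in known_good:
        return ("known", host)
    for good in sorted(known_good):
        if within_one_edit(host, good):
            return ("lookalike-one-char", good)
        if stem(host) == stem(good):
            return ("lookalike-name-variant", good)
    return ("unknown", None)
```

A "lookalike" verdict is a reason to stop and inspect the link, not proof of fraud; an "unknown" verdict only means the site is not on the trusted list.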