Google has addressed a high-severity vulnerability in Chrome on Windows, that hackers have actively exploited in the wild. Tracked as CVE-2025-2783, the flaw stems from an incorrect handle being provided in certain unspecified conditions within Mojo, Chrome’s IPC framework. While technical details remain limited, attackers have used this flaw to target organizations in Russia, highlighting its real-world impact. It is being weaponized in phishing attacks, redirecting victims to a malicious domain as part of a cyber-espionage campaign known as Operation ForumTroll.
What’s new on HivePro
Get through updates and upcoming events, and more directly in your inbox