Vulnerability Management, Patch/Configuration Management, Threat Intelligence
Addressed Google Chrome zero-day leveraged to spread Trinper backdoor

GBHackers News reports that attacks exploiting the already-fixed high-severity Google Chrome zero-day flaw, tracked as CVE-2025-2783, have been launched by the Team46 advanced persistent threat operation, also known as TaxOff, to spread the Trinper malware as part of a campaign that was initially observed in March.
Organizations across Russia have been targeted with malicious emails posing as invitations to high-profile events. Links in the emails redirect to phishing sites that leverage the exploit to facilitate sandbox escape in the Chrome browser and allow subsequent installation of the Trinper backdoor without any user interaction, according to an analysis from Positive Technologies. Similar tactics have been employed in phishing campaigns since October, researchers said. The findings come after the flaw was added to the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog. Organizations and individuals using Google Chrome have been advised not only to keep their browsers up to date but also to adopt endpoint protection platforms that could identify zero-day exploits.