Chrome zero-day exploited in Russian-targeted spyware campaign.

A state-sponsored group used a Chrome sandbox escape flaw, CVE-2025-2783, in a phishing campaign called Operation ForumTroll to target Russian organizations. Victims received forum-themed emails linking to malware that bypassed browser protections and installed LeetAgent spyware. The tool logged keystrokes, stole files, and communicated with a command server. Though not used in this attack, Memento Labs’ Dante spyware shares code and tactics with the deployed malware.

Read more:

https://www.securityweek.com/chrome-zero-day-exploitation-linked-to-hacking-team-spyware/