Google Chrome is the most popular browser in the world, and is used by billions of people. However, its widespread use makes it a major target for bad actors who take advantage of different ways, such as malicious extensions, hunting links and fake sites. The last attack includes infiltrators who take advantage of a security vulnerability in the browser to conduct spy. Google confessed to safety and issued a reform update.
A man uses Google Chrome on his laptop (Cyberguy “Knutsson)
About the attack
Kaspersky security researchers in Kaspersky recently discovered a complex Syber spy campaign that used a previously unknown vulnerability in Google Chrome. The attack was operated when the victims clicked on the connection of the hunting in an e -mail, and a harmful location was launched in their browser. Distinguishingly, there was no other procedure. Simply opening the link was enough to infection the system.
according to Kaspersky reportMescape programs were based on twice the day of zero, which were later identified as CVE-2025-2783. The researchers say they analyzed the exploitation, and they assigned its logic and revealed that it allowed the attackers to overcome the safety features of Chrome as if it were not present.
Weakness took advantage of the CHROME connection framework, known as Mojo, which is extremely important to the browser function. This allowed the attackers to carry out harmful software instructions through various operations within Chrome, which actually exceeds security measures.
“We have discovered and informed dozens of the scratch on the day of the attack actively used in the attacks, but this particular exploitation is certainly one of us most interesting,” Kaspersky said.
The cybersecurity team also shed light on the hidden nature of the attack, which was primarily targeted by professionals in the field of media, educational institutions and government agencies. It seems that the campaign delivered by “Operation Forum” has a basic goal.
Google Chrome on the phone (Cyberguy “Knutsson)
Clickfix Malware deceives you in your Windows computer
Google responded to the attack
Once I am Kaspersky about weakness, Google has released emergency repair. The company has updated the Chrome stable channel for Windows, where the update was gradually put forward to users over the next few days and weeks. Meanwhile, the stable, stable channel has also been updated.
As with most safety updates, Google keeps detail under the winding until the majority of users are installed. This is a standard reserve to prevent other infiltrators from exploiting the defect, while some users are still not protected. If the error also affects the third party program, Google will continue to restrict the details until these platforms make their own corrections.
Inventive Chrome accessories are 2.6 million users at the risk of data leakage
How to update Google Chrome
Although malware affects the Windows version of Google Chrome, it is a good idea for everyone who uses Google Chrome to update their browsers. Below, we have included steps to update the browser on Windows and other devices. To learn more about how to update other browsers like Safari, See my guide here.
Windows
- Open Chrome
- On the right top, click more
- Click Helpthen About Google Chrome
- He chooses Google Chrome updateNote: If you don’t see the “Google Chrome update” button, your browser will be already updated
- Click Restart To complete
Google Chrome update on Windows (Cyberguy “Knutsson)
McCos
- Open Google Chrome On your Mac device
- Click Three points In the right upper corner of the browser window
- Go to Help > About Google Chrome from the drop -down menu
- The browser will automatically check up updates. If the update is available, the download will start immediately
- Once you download the update, click Restart To apply it
- If the above -mentioned steps fail, or you don’t see the update option, visit Google.com/chrome To download the latest version manually, then open Installation Follow Instructions on the screen To install the chrome
iPhone/iPad
- Open App Store On iPhone or iPad
- Click on your Profile image In the right upper corner of the screen
- Go down to The available updateS and search for Google Chrome In the list of applications with suspended updates
- If you see Chrome runwayClick on to update Button
- If you do not see Chrome under the available updates, use the search bar at the top of the application store and type Google ChromeThen click on Google Chrome In search results and verify whether the update button is available. If so,, Click on it
- Once update, a A small blue point It will appear next to the Chrome application on your main screen, indicating that it has been updated recently
- You can also confirm that Chrome is updated Reopening the application storeMoving down to the update recently and checking if Google Chrome appears there with today’s date
Android
SEttings may vary depending on the Android manufacturer.
- Open Google Play Store app On your device
- Click on your Profile icon In the right upper corner of the screen
- He chooses Application and device management From the list
- Under the available updates, click See details To view a list of applications with suspended updates
- Location Google Chrome In the list and click the update button next to it
- If you do not see Chrome included in the framework of updates, look for Google Chrome In the search bar in the Play Store, then press chrome In the results and verify whether it is Update button available. If so, click on it
- Once update, press Open To launch the latest version of Chrome
Snements who outperform your identity stealing
3 additional ways to protect your privacy
Although the Chrome update should be weak, there are some security advice that you can follow to enhance your privacy and safety.
1) You have a strong antivirus program: Osmen often get access to devices by sending infected emails or documents or by deceiving you to click on a link that downloads malware. You can avoid all this by installing strong virus control programs that will discover any possible threat before it can seize your device. Get my choices for the best winners to protect antivirus 2025 for Windows, Mac, Android and iOS devices.
2) Empowerment of bilateral approval (2FA): Many online accounts, including Google, offer dual -factors as an additional safety measure. 2FA empowerment It ensures that even if the infiltrator gets your password, they still need another model of verification, such as a code that is sent to your phone, to reach your account. This simple step greatly reduces unauthorized access opportunities.
3) Use a safe password manager: Strong password is very important, but it may be difficult to remember multiple complex passwords. The password manager creates strong passwords, stores and automatic issues for your accounts, which reduces the risk of password -related violations. Avoid using the same password through different sites and always choosing long and unique passwords. Get more details about my country The best password managers reviewed by experts in 2025 here.
Court Kisa Curt
This incident is another reminder that even the safest systems are never really unknown, especially when you play state or high skilled actors. Although Google’s fast response is worthy of praise, it also highlights the endless cat and mouse game between safety teams and the e -criminal. If you are using Chrome, update it now.
Do you think Google is doing enough to protect users from safety threats? Let’s know through our writing in Cyberguy.com/contact.
For more technical advice and security alerts, participated in the free newsletter of Cyberguy Report by going to Cyberguy.com/newsledter.
Ask Kurt a question or tell us about the stories you want to cover.
Follow Court on his social channels:
Answers to the most amazing Cyberguy questions:
New from Court:
Copyright 2025 Cyberguy.com. All rights reserved.
