Chrome Sandbox Bypassed in Forum Troll Espionage Campaign

Chrome Sandbox Bypassed in Forum Troll Espionage Campaign

In March 2025, Google confirmed that threat actors were actively exploiting a zero-day vulnerability in Google Chrome - tracked as CVE-2025-2783. This logic flaw allowed attackers to bypass Chrome's sandbox protections by exploiting an interaction between Chrome and the Windows operating system.

The exploit was used in a sophisticated cyber-espionage campaign dubbed "Operation Forum Troll," which primarily targeted media professionals, educational institutions, and government agencies.

The National Vulnerability Database (NVD) is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP).

The exploit was used in a sophisticated cyber-espionage campaign dubbed "Operation Forum Troll"

This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics. The NVD is at nvd.nist.gov