Google patched a critical Chrome flaw (CVE-2025-2783) after Kaspersky detected its use in a state-backed cyberespionage campaign targeting Russian organizations. Attackers used phishing emails to lure victims to malicious sites, exploiting the bug to bypass Chrome’s sandbox. Kaspersky reported the issue, and Google quickly released a fix.

‍