9 articles tagged with "Chrome"
Google's DBSC ties authentication cookies to hardware TPM chips, making stolen sessions worthless. Chrome 146 for Windows now protects against infostealer attacks.
CVE-2026-5281 exploited in the wild targets Dawn WebGPU implementation. Google rushes emergency patch as Chrome zero-days accelerate in 2026.
VoidStealer v2.0 becomes the first infostealer to extract Chrome's v20_master_key using hardware breakpoints. No injection or privilege escalation required.
Google patches two actively exploited Chrome zero-days affecting Skia graphics and V8 JavaScript engine. CISA adds both to KEV catalog with March 27 deadline.
CISA confirms active exploitation of Chrome CVE-2026-2441, Zimbra SSRF, Windows ActiveX CVE-2008-0015, and ThreatSonar flaws. Federal agencies face March 10 deadline.
CVE-2026-2441 is a high-severity CSS use-after-free in Chrome being exploited in the wild. Update to version 145.0.7632.75 immediately.
Malicious extensions have compromised over 15 million users in the past year. Here's how attackers exploit the extension ecosystem and what organizations can do.
CVE-2026-0628 allowed malicious extensions to inject scripts into privileged pages through insufficient policy enforcement. Update to Chrome 143.0.7499.192.
Google patches CVE-2026-0628 in first 2026 update. The high-severity bug affects billions of users across Chrome and Android applications.