Google News Articles

Microsoft Security Researchers Discover Chromium Vulnerability -- Redmondmag.com

Microsoft last week disclosed a sophisticated cyber campaign by a North Korean threat actor exploiting a zero-day vulnerability in the Chromium browser.

3 days ago

Google’s Quick Share for Windows Vulnerability Let Attackers Remote Code

Critical vulnerabilities in Google's Quick Share file transfer utility for Windows allowed attackers to achieve remote code execution (RCE) without user interaction. 

2 weeks ago

Google Quick Share Bug Bypasses Allow 0-Click File Transfer

Google addresses patch bypasses for CVE-2024-38272 and CVE-2024-38271, part of the previously announced "QuickShell" silent RCE attack chain against Windows users.

2 weeks ago

Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent

Quick Share flaw CVE-2024-10668 bypasses earlier fixes, enabling DoS or unauthorized file delivery.

2 weeks ago

⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More

Google patched a Chrome 0-day (CVE-2025-2783) used in live attacks on Russian targets via phishing.

2 weeks ago

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation

3 weeks ago

Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft’s new AI agents take on phishing, patching,

3 weeks ago

New Entries In CISA Known Exploited Vulnerabilities Catalog

CISA adds critical vulnerabilities like CVE-2025-2783, CVE-2019-9874, and CVE-2019-9875 to the Known Exploited Vulnerabilities Catalog.

3 weeks ago

Chrome, Firefox patch privacy-destroying security flaw

Google pushed out an emergency patch for Chrome on Windows this week to stop attackers exploiting a sandbox-breaking zero-day vulnerability, seemingly used by snoops to target certain folks in Russia. Now...

3 weeks ago

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia

Firefox developers have determined that their browser is affected by a vulnerability similar to the recent Chrome sandbox escape zero-day.

3 weeks ago

Mozilla warns Windows users of critical Firefox sandbox escape flaw

Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems.

3 weeks ago

Google Hastily Patches Chrome Zero-Day Exploited by APT

Researchers at Kaspersky discovered cyber-espionage activity that used the vulnerability in a one-click phishing attack to deliver malware.

3 weeks ago

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) - Help Net Security

Google is rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability exploited by an APT group.

3 weeks ago

Fixing CVE-2025-2783 With Chrome Stable Channel Update

The Stable Channel Update for Chrome addresses CVE-2025-2783, fixing a critical security flaw.

3 weeks ago

CVE-2025-2783 in Operation ForumTroll APT

Kaspersky’s GReAT experts have discovered the Operation ForumTroll APT attack, which used a zero-day vulnerability in Google Chrome.

3 weeks ago

Google Chrome Zero-Day Vulnerability Actively Exploited in the Wild

Google has released an urgent update for its Chrome browser to patch a zero-day vulnerability, known as CVE-2025-2783.

3 weeks ago

Google fixes Chrome zero-day exploited in espionage campaign

​Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser's sandbox and deploy malware in espionage attacks targeting Russian organizations.

3 weeks ago

Google Chrome Zero-day Vulnerability Exploited by Hackers in the Wild

Google has released an urgent security update for its Chrome browser after cybersecurity researchers at Kaspersky discovered.

3 weeks ago

Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks

Google fixed Chrome zero-day CVE-2025-2783 on Mar 20 after attacks exploited a sandbox bypass flaw.

3 weeks ago

Kaspersky discovers sophisticated Chrome zero-day exploit used in active attacks

Kaspersky has identified and helped patch a sophisticated zero-day vulnerability in Google Chrome (CVE-2025-2783) that allowed attackers to bypass the browser’s sandbox protection system. The exploit, discovered by Kaspersky’s Global Research and Analysis Team (GReAT), required no user interaction b...

3 weeks ago

Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky

Chrome vulnerability CVE-2025-2783 was chained with a second exploit for remote code execution in attacks targeting organizations in Russia.

3 weeks ago

Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

Kaspersky GReAT experts discovered a complex APT attack on Russian organizations dubbed Operation ForumTroll, which exploits zero-day vulnerabilities in Google Chrome.

3 weeks ago

Android Zygote Injection Flaw Lets Attackers Execute Code & Gain Elevated Privileges

A significant vulnerability in the Android operating system, identified as CVE-2024-31317, has been discovered, allowing attackers.

Android zero-day vulnerabilities actively abused. Update as soon as you can

Android's March 2025 security update includes two zero-days which are under active exploitation in targeted attacks.

Google Confirms 2 New Android Zero Day Exploits—Update Now

Update your Android device now as Google confirms two zero day vulnerabilities already exploited by attackers.

Android security update contains 2 actively exploited vulnerabilities

Google’s monthly batch of security fixes addressed 43 vulnerabilities.

Application Development | Cyber security technical information

Preface: Android frameworks deliver an environment where you already have access to libraries, best practices, and extensive help documentation. As a matter of fact, there are well over ten android...

Chrome Security Update - Patch for 3 High-Severity Vulnerabilities

Google has released a critical update for the Chrome browser, addressing three high-severity security vulnerabilities.

Update Chrome immediately: Two high-risk vulnerabilities revealed

Google has identified two high-severity vulnerabilities in its Chrome web browser, specifically CVE-2024-12381 and CVE-2024-12382, prompting an urgent call

Update Chrome Now—Google Warns Of 2 New High-Risk Vulnerabilities

Two new high-severity Chrome browser security vulnerabilities have been confirmed by Google—ensure you update and activate the new protections now.

New Google Chrome Security Warning—Update Now

A rare emergency update for the Google Chrome browser, across all platforms, has just dropped—users must update now.

Multiple Flaws With Android & Google Pixel Devices Let Attackers Elevate Privileges

Several high-severity vulnerabilities have been identified in Android and Google Pixel devices, exposing millions of users to potential security risks.

CISA adds Android zero-day that infected Chinese shopping app to KEV catalog

An Android zero-day that exploited millions of devices via a Chinese ecommerce app was added to CISA's catalog of known exploited vulnerabilities.

Android app from China executed 0-day exploit on millions of devices

Fast-growing e-commerce app Pinduoduo had an EvilParcel stow-away.

Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

U.S. CISA adds two new vulnerabilities to its KEV catalog, warning of active exploitation of Android and Novi Survey flaws.

Cert-In Reports Vulnerabilities In Google Chrome

CERT-In reports critical vulnerabilities in Google Chrome that could lead to code execution, data theft, and system crashes.

Google Android Deadline—You Have 21 Days To Update Your Phone

Government warns all users to act now as attacks are confirmed to be underway.

WebP Zero-Day: Everything You Need to Know About Libwebp  - Upwind

This month, the Citizen Lab at The University of Toronto’s Munk School and Apple Security Engineering and Architecture (SEA) opened two critical vulnerabilities related to WebP images and Google’s webmproject/libwebp library.  So, what is Libwebp?  Libwebp is a commonly used library used to render W...

Google patches actively exploited Android vulnerability (CVE-2024-43093) - Help Net Security

Google delivers fixes for Android vulnerabilities that "may be under limited, targeted exploitation": CVE-2024-43047 and CVE-2024-43093.

Android flaw may be under limited, targeted exploitation

Google warned that a vulnerability, tracked as CVE-2024-43093, in the Android OS is actively exploited in the wild.

Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System

Google warns of CVE-2024-43093, a privilege escalation flaw in Android, now under active exploitation.

Critical Chrome Security Update: Patch for Out-of-Bounds & WebRTC Vulnerability

Google has rolled out a critical security update for its Chrome browser, addressing significant vulnerabilities that attackers could exploit.

Google Patches Critical Chrome Vulnerability Reported by Apple

Google has patched CVE-2024-10487, a critical Chrome vulnerability, and Mozilla has patched high-severity flaws in Firefox.

Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day

The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space.

Lazarus APT steals cryptocurrency and user data via a decoy MOBA game

Kaspersky GReAT experts break down the new campaign of Lazarus APT which uses social engineering and exploits a zero-day vulnerability in Google Chrome for financial gain.

PoC Exploit Released for CVE-2024-7965 Zero-Day Chrome Vulnerability

A PoC exploit has been released for a critical zero-day vulnerability identified as CVE-2024-7965, affecting Google's Chrome browser.

Google Chrome Update Warning Prompts Microsoft To Suggest Using SmartScreen Instead

Attack details confirmed, as 2 billion Chrome users given stark decision to make.

North Korean threat actor Citrine Sleet exploiting Chromium zero-day | Microsoft Security Blog

Microsoft observed North Korean threat actor Citrine Sleet exploiting the CVE-2024-7971 zero-day vulnerability in Chromium. Citrine Sleet targets the cryptocurrency sector for financial gain.