Google News Articles

Chrome 0-Day CVE-2025-4664 Exposes Windows, Linux Browser Activity

A Chrome zero-day bug, CVE-2025-4664, exposes login tokens on Windows and Linux. Google has issued a fix, users should update immediately.

15 hours ago

U.S. CISA adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog.

1 week ago

CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664) - Help Net Security

A Chrome vulnerability (CVE-2025-4664) that Google has fixed on Wednesday is being leveraged by attackers, CISA has confirmed.

1 week ago

CISA tags recently patched Chrome bug as actively exploited

On Thursday, CISA warned U.S. federal agencies to secure their systems against ongoing attacks exploiting a high-severity vulnerability in the Chrome web browser.

1 week ago

Google Chrome Update Fixes CVE-2025-4372 & Other Flaws

Google Chrome latest update patches CVE-2025-4372, CVE-2025-4664, and CVE-2025-2783 vulnerabilities.

1 week ago

Google Chrome Update Fixes CVE-2025-4372 & Other Flaws

Google Chrome latest update patches CVE-2025-4372, CVE-2025-4664, and CVE-2025-2783 vulnerabilities.

1 week ago

CISA Warns of Google Chromium 0-Day Vulnerability Actively Exploited in the Wild - Patch Now!

The Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-4664 to its Known Exploited Vulnerabilities Catalog as the vulnerability is actively exploited in the wild in attacks.

1 week ago

Chrome vulnerability with exploit in the wild

Google is updating Chrome and plugging security leaks in the process. There is already an exploit for one of them, the company explains.

1 week ago

Google Chrome Zero-Day Vulnerability (CVE-2025-4664) Actively Exploited in The Wild

Google has rolled out a fresh Stable Channel update for the Chrome browser across desktop platforms, including Windows, Mac, and Linux.

1 week ago

New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy

Chrome flaw CVE-2025-4664 enables cross-origin data leaks; active exploit confirmed; update to 136.0.7103.113.

1 week ago

Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’

Google has rolled out a Chrome 136 update that resolves a high-severity vulnerability for which a public exploit exists.

1 week ago

Critical Google Chrome 136 Audio Bug Lets Hackers Remotely Install Malware

Hackers could use an audio vulnerability to remotely execute malicious code in Google Chrome — you have been warned, take action now.

2 weeks ago

Microsoft Security Researchers Discover Chromium Vulnerability -- Redmondmag.com

Microsoft last week disclosed a sophisticated cyber campaign by a North Korean threat actor exploiting a zero-day vulnerability in the Chromium browser.

Chrome Use-After-Free Vulnerability Enables Remote Code Attacks

Google has rolled out a critical update for its Chrome browser, addressing a high-severity vulnerability that could allow remote code execution.

Google’s Quick Share for Windows Vulnerability Let Attackers Remote Code

Critical vulnerabilities in Google's Quick Share file transfer utility for Windows allowed attackers to achieve remote code execution (RCE) without user interaction. 

Google Quick Share Bug Bypasses Allow 0-Click File Transfer

Google addresses patch bypasses for CVE-2024-38272 and CVE-2024-38271, part of the previously announced "QuickShell" silent RCE attack chain against Windows users.

Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent

Quick Share flaw CVE-2024-10668 bypasses earlier fixes, enabling DoS or unauthorized file delivery.

⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More

Google patched a Chrome 0-day (CVE-2025-2783) used in live attacks on Russian targets via phishing.

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation

Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft’s new AI agents take on phishing, patching,

New Entries In CISA Known Exploited Vulnerabilities Catalog

CISA adds critical vulnerabilities like CVE-2025-2783, CVE-2019-9874, and CVE-2019-9875 to the Known Exploited Vulnerabilities Catalog.

Chrome, Firefox patch privacy-destroying security flaw

Google pushed out an emergency patch for Chrome on Windows this week to stop attackers exploiting a sandbox-breaking zero-day vulnerability, seemingly used by snoops to target certain folks in Russia. Now...

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia

Firefox developers have determined that their browser is affected by a vulnerability similar to the recent Chrome sandbox escape zero-day.

Mozilla warns Windows users of critical Firefox sandbox escape flaw

Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems.

Google Hastily Patches Chrome Zero-Day Exploited by APT

Researchers at Kaspersky discovered cyber-espionage activity that used the vulnerability in a one-click phishing attack to deliver malware.

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) - Help Net Security

Google is rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability exploited by an APT group.

Fixing CVE-2025-2783 With Chrome Stable Channel Update

The Stable Channel Update for Chrome addresses CVE-2025-2783, fixing a critical security flaw.

CVE-2025-2783 in Operation ForumTroll APT

Kaspersky’s GReAT experts have discovered the Operation ForumTroll APT attack, which used a zero-day vulnerability in Google Chrome.

Google Chrome Zero-Day Vulnerability Actively Exploited in the Wild

Google has released an urgent update for its Chrome browser to patch a zero-day vulnerability, known as CVE-2025-2783.

Google fixes Chrome zero-day exploited in espionage campaign

​Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser's sandbox and deploy malware in espionage attacks targeting Russian organizations.

Google Chrome Zero-day Vulnerability Exploited by Hackers in the Wild

Google has released an urgent security update for its Chrome browser after cybersecurity researchers at Kaspersky discovered.

Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks

Google fixed Chrome zero-day CVE-2025-2783 on Mar 20 after attacks exploited a sandbox bypass flaw.

Kaspersky discovers sophisticated Chrome zero-day exploit used in active attacks

Kaspersky has identified and helped patch a sophisticated zero-day vulnerability in Google Chrome (CVE-2025-2783) that allowed attackers to bypass the browser’s sandbox protection system. The exploit, discovered by Kaspersky’s Global Research and Analysis Team (GReAT), required no user interaction b...

Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky

Chrome vulnerability CVE-2025-2783 was chained with a second exploit for remote code execution in attacks targeting organizations in Russia.

Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

Kaspersky GReAT experts discovered a complex APT attack on Russian organizations dubbed Operation ForumTroll, which exploits zero-day vulnerabilities in Google Chrome.

Android Zygote Injection Flaw Lets Attackers Execute Code & Gain Elevated Privileges

A significant vulnerability in the Android operating system, identified as CVE-2024-31317, has been discovered, allowing attackers.

Android zero-day vulnerabilities actively abused. Update as soon as you can

Android's March 2025 security update includes two zero-days which are under active exploitation in targeted attacks.

Google Confirms 2 New Android Zero Day Exploits—Update Now

Update your Android device now as Google confirms two zero day vulnerabilities already exploited by attackers.

Android security update contains 2 actively exploited vulnerabilities

Google’s monthly batch of security fixes addressed 43 vulnerabilities.

Application Development | Cyber security technical information

Preface: Android frameworks deliver an environment where you already have access to libraries, best practices, and extensive help documentation. As a matter of fact, there are well over ten android...

Chrome Security Update - Patch for 3 High-Severity Vulnerabilities

Google has released a critical update for the Chrome browser, addressing three high-severity security vulnerabilities.

Update Chrome immediately: Two high-risk vulnerabilities revealed

Google has identified two high-severity vulnerabilities in its Chrome web browser, specifically CVE-2024-12381 and CVE-2024-12382, prompting an urgent call

Update Chrome Now—Google Warns Of 2 New High-Risk Vulnerabilities

Two new high-severity Chrome browser security vulnerabilities have been confirmed by Google—ensure you update and activate the new protections now.

New Google Chrome Security Warning—Update Now

A rare emergency update for the Google Chrome browser, across all platforms, has just dropped—users must update now.

Multiple Flaws With Android & Google Pixel Devices Let Attackers Elevate Privileges

Several high-severity vulnerabilities have been identified in Android and Google Pixel devices, exposing millions of users to potential security risks.

CISA adds Android zero-day that infected Chinese shopping app to KEV catalog

An Android zero-day that exploited millions of devices via a Chinese ecommerce app was added to CISA's catalog of known exploited vulnerabilities.

Android app from China executed 0-day exploit on millions of devices

Fast-growing e-commerce app Pinduoduo had an EvilParcel stow-away.

Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

U.S. CISA adds two new vulnerabilities to its KEV catalog, warning of active exploitation of Android and Novi Survey flaws.

Cert-In Reports Vulnerabilities In Google Chrome

CERT-In reports critical vulnerabilities in Google Chrome that could lead to code execution, data theft, and system crashes.