Google News Articles

Google Chrome bug exploited as an 0-day - patch now

Google pushed an emergency patch on Monday for a high-severity Chrome bug that attackers have already found and exploited in the wild. The vulnerability, tracked as CVE-2025-13223, is a type confusion flaw in...

2 days ago

Google patches yet another exploited Chrome zero-day (CVE-2025-13223) - Help Net Security

Google has shipped a fix for a Chrome vulnerability (CVE-2025-13223) reported as exploited in the wild by its Threat Analysis Group.

2 days ago

Google fixed the seventh Chrome zero-day in 2025

Google patched two Chrome flaws, including a V8 type-confusion bug, tracked as including CVE-2025-13223, which was exploited in the wild.

2 days ago

Google Issues Security Fix for Actively Exploited Chrome V8 Zero-Day Vulnerability

Google patches two critical V8 flaws, including actively exploited CVE-2025-13223, urging immediate Chrome updates.

2 days ago

Chrome 142 Update Patches Exploited Zero-Day

Google rolled out an emergency Chrome 142 update to address CVE-2025-13223, a vulnerability exploited in the wild as a zero-day.

2 days ago

CERT-In Issues High Alert for Millions of Android Users in India: Who’s at Risk and How to Stay Safe - The Logical Indian

CERT-In warns millions of Android users in India to update November 2025 security patches urgently to fix critical zero-click vulnerability.

2 weeks ago

Google Chrome 142 Fixes RCE Flaws CVE-2025-12725, 12727

Google’s Chrome 142 update patches critical RCE bugs, including CVE-2025-12725 in WebGPU and CVE-2025-12727 in V8. Users urged to update immediately.

2 weeks ago

CVE-2025-48593: Critical Zero-Click Vulnerability in Android Enables Remote Code Execution | SOC Prime

Explore CVE-2025-48593 analysis, a critical remote code execution vulnerability in Android, with the details on the SOC Prime blog.

2 weeks ago

Critical Android 0-Click Vulnerability Enables Remote Code Execution

The vulnerability, tracked as CVE-2025-48593, represents a severe risk to Android devices worldwide and affects multiple versions of the operating system.

2 weeks ago

Samsung And Google Issue Update Warning—No Fix For 1 Billion Users

Update now warning issued for all Android users — check now to see if you can get this or need to upgrade your phone.

2 weeks ago

Google Wear OS Message App Vulnerability Let Any Installed App To Send SMS Behalf Of User

A vulnerability in Google Messages on Wear OS devices allows any installed app to silently send SMS, MMS, or RCS messages on behalf of the user.

3 weeks ago

Google Wear OS Message App Vulnerability Let Any Installed App To Send SMS Behalf Of User

A vulnerability in Google Messages on Wear OS devices allows any installed app to silently send SMS, MMS, or RCS messages on behalf of the user.

3 weeks ago

Italian-made spyware Dante linked to Chrome zero-day exploitation campaign - Help Net Security

A Chrome zero-day flaw was used by unknown attackers to deliver LeetAgent, suspected commercial spyware with ties to Memento Labs' Dante.

3 weeks ago

Chrome Zero-Day Exploited to Deliver Italian Memento Labs' LeetAgent Spyware

Kaspersky reveals Chrome zero-day CVE-2025-2783 exploited to deploy Memento Labs’ LeetAgent spyware.

3 weeks ago

Memento Labs, the ghost of Hacking Team, has returned — or maybe it was never gone at all.

Kaspersky links the first Chrome zero-day of 2025 to tools used in attacks attributed to Memento Labs, formerly known as the Hacking Team.

3 weeks ago

Memento Spyware Tied to Chrome Zero-Day Attacks

While investigating the cyberattacks, researchers uncovered a new spyware product from Memento Labs, the successor to the infamous Hacking Team.

3 weeks ago

Chrome 0-Day Exploited in Espionage by Mem3nt0 Mori

Hackers exploit a Chrome 0-day to deploy spyware in attacks tied to Mem3nt0 Mori. Google patches CVE-2025-2783; users urged to update fast.

3 weeks ago

Italian spyware vendor linked to Chrome zero-day attacks

A zero-day vulnerability in Google Chrome exploited in Operation ForumTroll earlier this year delivered malware linked to Italian spyware vendor Memento Labs, born after IntheCyber ​​Group acquired the infamous Hacking Team.

3 weeks ago

Italian spyware vendor linked to Chrome zero-day attacks

A zero-day vulnerability in Google Chrome exploited in Operation ForumTroll earlier this year delivered malware linked to Italian spyware vendor Memento Labs, born after IntheCyber ​​Group acquired the infamous Hacking Team.

3 weeks ago

Chrome 0-Day Vulnerability Actively Exploited in Attacks by Notorious Hacker Group

The notorious Mem3nt0 mori hacker group has been actively exploiting a zero-day vulnerability in Google Chrome to compromise high-profile targets across Russia and Belarus.

3 weeks ago

Mem3nt0 mori – The Hacking Team is back!

Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks.

3 weeks ago

CVE-2025-12036 Vulnerability: A New Critical Chrome V8 JavaScript Engine Flaw Enables Attackers to Execute Remote Code on Vulnerable Systems | SOC Prime

Explore CVE-2025-12036 details, a critical Chrome V8 JavaScript engine Vulnerability leading to RCE, with an in-depth overview on our SOC Prime blog.

4 weeks ago

Chrome V8 JavaScript Engine Vulnerability Allows Attackers to Execute Remote Code

The vulnerability was discovered by Google's Big Sleep project on October 15, 2025, marking another significant find by the company's AI-powered security research initiative.

1 month ago

Cursor, Windsurf IDEs riddled with 94+ n-day Chromium vulnerabilities

The latest releases of Cursor and Windsurf integrated development environments are vulnerable to more than 94 known and patched security issues in the Chromium browser and the V8 JavaScript engine.

1 month ago

Google Fixes Critical Chrome Remote Code Execution Bug

Google patches a Chrome Safe Browsing flaw (CVE-2025-11756) that lets attackers execute code remotely. Users urged to update immediately.

New Pixnapping Android Flaw Lets Rogue Apps Steal 2FA Codes Without Permissions

Pixnapping side-channel can steal 2FA codes pixel-by-pixel on Android 13–16; CVE-2025-48561 patched Sept 2025 but workaround exists.

Multiple Chrome Vulnerabilities Let Attackers Execute Arbitrary Code

Google’s October 2025 desktop update for Chrome addresses three critical memory handling flaws that could allow drive-by arbitrary code execution

Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions

Google releases critical Chrome update patching zero-day CVE-2025-10585, discovered Sept 16, to block active V8 JavaScript engine exploits worldwide.

Apple patches security flaw exploited in Chrome zero-day attacks

Apple has released security updates to address a high-severity vulnerability that has been exploited in zero-day attacks targeting Google Chrome users.

Apple Patches Safari Vulnerability Also Exploited as Zero-Day in Google Chrome

Apple and Google fix CVE-2025-6558, a zero-day bug in Chrome and Safari risking browser security.

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its KEV Catalog, based on evidence of active exploitation

CISA Alerts on Google Chromium Input Validation Flaw Actively Exploited

CISA has issued a critical alert regarding a severe input validation vulnerability in Google Chromium that threat actors are actively exploiting.

High Severity Zero-Day Vulnerability in Google Chrome

Google has released security updates to address a zero-day vulnerability in its Chrome browser. Users and administrators are advised to update to the latest....

Microsoft’s Response to Open-Source Vulnerabilities - CVE-2023-4863 and CVE-2023-5217 | MSRC Blog | Microsoft Security Response Center

Microsoft’s Response to Open-Source Vulnerabilities - CVE-2023-4863 and CVE-2023-5217

Week in review: Google fixes zero-day vulnerability in Chrome, critical SQL injection flaw in FortiWeb - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Update Google Chrome to fix actively exploited zero-day

Google's Chrome Emergency Patch Fixes a High-Severity Bug

Google has patched Chrome zero-day CVE-2025-6558, which is being actively exploited in the wild. Users are urged to update now to avoid sandbox escape attacks.

Google has released an urgent Chrome update due to the critical vulnerability CVE-2025-6558

A vulnerability in the browser’s graphics module is already being actively exploited in real attacks, Google warns.

New Security Flaw in Chrome Likely Exploited by Hackers

Google is rolling out updates to Chrome users worldwide to address a security weakness said to be exploited by threat actors.

Update Google Chrome to fix actively exploited zero-day (CVE-2025-6558) - Help Net Security

For the fifth time this year, Google has patched a Chrome zero-day vulnerability (CVE-2025-6558) exploited by attackers in the wild.

CVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025

Google released security patches to address multiple Chrome vulnerabilities, including one flaw that has been exploited in the wild.

Google fixes actively exploited sandbox escape zero day in Chrome

Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser's sandbox protection.

Urgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wild

Google patches six security flaws in Chrome, including zero-day CVE-2025-6558, exploited in the wild.

Google Chrome 0-Day Vulnerability Under Active Exploitation

Google has released an emergency security update for Chrome 138 to address a critical zero-day vulnerability that is actively being exploited in the wild.

Google Chrome 0-day Vulnerability Actively Exploited in the Wild

Google has released an emergency security update for Chrome, addressing a critical zero-day vulnerability that attackers are actively exploiting in real-world attacks.

Chrome Update Patches Fifth Zero-Day of 2025

Google has released a Chrome 138 security update that patches a zero-day, the fifth resolved in the browser this year.

Grafana Patches Chromium Bugs, Including Zero-Day Exploited in the Wild

Grafana has rolled out security updates to address four high-severity vulnerabilities in the Chromium library used in the Grafana Image Renderer plugin and Synthetic Monitoring Agent.

U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chromium V8 vulnerability to its Known Exploited Vulnerabilities catalog.

Grafana releases critical security update for Image Renderer plugin

Grafana Labs has addressed four Chromium vulnerabilities in critical security updates for the Grafana Image Renderer plugin and Synthetic Monitoring Agent.

Urgent Update: Microsoft Edge Fixes Actively Exploited Chromium Vulnerability

Microsoft has released a critical security update for Edge Stable Channel on July 1, 2025, addressing a severe vulnerability.

Active Exploitation of Zero-Day Vulnerability in Google Chrome

Google has released security updates to address a zero-day vulnerability in its Chrome browser. Users and administrators of affected products are advised to...