Google News Articles

Google Issues Emergency Update For All 3 Billion Chrome Users

Update now warning for all users, with attacks confirmed underway.

1 week ago

Emergency Chrome Update! One Click Could Save Your Personal Data

A newly discovered critical vulnerability in Google Chrome—CVE-2025-5419—has put an estimated 3 billion users at significant risk of cyberattacks. Google has issued an emergency update to fix the flaw, but experts warn that threat actors have already begun exploiting it in the wild. Another severe b...

1 week ago

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419) - Help Net Security

Google has fixed two Chrome vulnerabilities, including a zero-day flaw (CVE-2025-5419) with an in-the-wild exploit.

1 week ago

Google pushes emergency fix for high-severity Chrome 0-day

Google revealed Monday that it had quietly deployed a configuration change last week to block active exploitation of a Chrome zero-day. Google Threat Analysis Group (TAG) team members Clement Lecigne and...

1 week ago

3B Google Chrome users at risk. Update now!

Google has issued an emergency update for Chrome, addressing a severe vulnerability discovered by its Threat Analysis Group and used in cyber attacks.

1 week ago

Google Issues Emergency Update For All 3 Billion Chrome Users

Update now warning for all users, with attacks confirmed underway.

1 week ago

New Chrome Zero-Day Actively Exploited; Google Issues Emergency Out-of-Band Patch

Google fixed CVE-2025-5419 in Chrome after detecting active exploitation, affecting all platforms using V8 engine.

1 week ago

Google Chrome 0-Day Vulnerability Exploited in the Wild to Execute Arbitrary Code

Google has released an emergency security update for Chrome after confirming that a critical zero-day vulnerability is being actively exploited by attackers in the wild.

1 week ago

Google Researchers Find New Chrome Zero-Day

Google released a fresh Chrome 137 update to address three vulnerabilities, including a high-severity bug exploited in the wild.

1 week ago

VulDB Recent Entries | Security

CVE-2025-5283 | Google Chrome up to 136.0.7103.113 libvpx use after free (Nessus ID 237344)(link is external) 11 hours 7 minutes ago A vulnerability was found in Google Chrome and...

2 weeks ago

Chrome Security Patch Addresses High-Severity Vulnerabilities Enabling Code Execution

This update, version 137.0.7151.55/56, brings a host of security improvements, bug fixes, and technical enhancements.

2 weeks ago

Chrome 0-Day CVE-2025-4664 Exposes Windows, Linux Browser Activity

A Chrome zero-day bug, CVE-2025-4664, exposes login tokens on Windows and Linux. Google has issued a fix, users should update immediately.

3 weeks ago

U.S. CISA adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog.

1 month ago

CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664) - Help Net Security

A Chrome vulnerability (CVE-2025-4664) that Google has fixed on Wednesday is being leveraged by attackers, CISA has confirmed.

1 month ago

CISA tags recently patched Chrome bug as actively exploited

On Thursday, CISA warned U.S. federal agencies to secure their systems against ongoing attacks exploiting a high-severity vulnerability in the Chrome web browser.

1 month ago

Google Chrome Update Fixes CVE-2025-4372 & Other Flaws

Google Chrome latest update patches CVE-2025-4372, CVE-2025-4664, and CVE-2025-2783 vulnerabilities.

1 month ago

Google Chrome Update Fixes CVE-2025-4372 & Other Flaws

Google Chrome latest update patches CVE-2025-4372, CVE-2025-4664, and CVE-2025-2783 vulnerabilities.

1 month ago

CISA Warns of Google Chromium 0-Day Vulnerability Actively Exploited in the Wild - Patch Now!

The Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-4664 to its Known Exploited Vulnerabilities Catalog as the vulnerability is actively exploited in the wild in attacks.

1 month ago

Chrome vulnerability with exploit in the wild

Google is updating Chrome and plugging security leaks in the process. There is already an exploit for one of them, the company explains.

1 month ago

Google Chrome Zero-Day Vulnerability (CVE-2025-4664) Actively Exploited in The Wild

Google has rolled out a fresh Stable Channel update for the Chrome browser across desktop platforms, including Windows, Mac, and Linux.

1 month ago

New Chrome Vulnerability Enables Cross-Origin Data Leak via Loader Referrer Policy

Chrome flaw CVE-2025-4664 enables cross-origin data leaks; active exploit confirmed; update to 136.0.7103.113.

1 month ago

Chrome 136 Update Patches Vulnerability With ‘Exploit in the Wild’

Google has rolled out a Chrome 136 update that resolves a high-severity vulnerability for which a public exploit exists.

1 month ago

Critical Google Chrome 136 Audio Bug Lets Hackers Remotely Install Malware

Hackers could use an audio vulnerability to remotely execute malicious code in Google Chrome — you have been warned, take action now.

Critical Chrome Vulnerability Exposes Users to Data Theft and Unauthorized Access

A critical security vulnerability has been discovered in Google Chrome, prompting an urgent update as millions of users worldwide face potential threats.

Microsoft Security Researchers Discover Chromium Vulnerability -- Redmondmag.com

Microsoft last week disclosed a sophisticated cyber campaign by a North Korean threat actor exploiting a zero-day vulnerability in the Chromium browser.

Chrome Use-After-Free Vulnerability Enables Remote Code Attacks

Google has rolled out a critical update for its Chrome browser, addressing a high-severity vulnerability that could allow remote code execution.

Google’s Quick Share for Windows Vulnerability Let Attackers Remote Code

Critical vulnerabilities in Google's Quick Share file transfer utility for Windows allowed attackers to achieve remote code execution (RCE) without user interaction. 

Google Quick Share Bug Bypasses Allow 0-Click File Transfer

Google addresses patch bypasses for CVE-2024-38272 and CVE-2024-38271, part of the previously announced "QuickShell" silent RCE attack chain against Windows users.

Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent

Quick Share flaw CVE-2024-10668 bypasses earlier fixes, enabling DoS or unauthorized file delivery.

⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More

Google patched a Chrome 0-day (CVE-2025-2783) used in live attacks on Russian targets via phishing.

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation

Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft’s new AI agents take on phishing, patching,

New Entries In CISA Known Exploited Vulnerabilities Catalog

CISA adds critical vulnerabilities like CVE-2025-2783, CVE-2019-9874, and CVE-2019-9875 to the Known Exploited Vulnerabilities Catalog.

Chrome, Firefox patch privacy-destroying security flaw

Google pushed out an emergency patch for Chrome on Windows this week to stop attackers exploiting a sandbox-breaking zero-day vulnerability, seemingly used by snoops to target certain folks in Russia. Now...

Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia

Firefox developers have determined that their browser is affected by a vulnerability similar to the recent Chrome sandbox escape zero-day.

Mozilla warns Windows users of critical Firefox sandbox escape flaw

Mozilla has released Firefox 136.0.4 to patch a critical security vulnerability that can let attackers escape the web browser's sandbox on Windows systems.

Google Hastily Patches Chrome Zero-Day Exploited by APT

Researchers at Kaspersky discovered cyber-espionage activity that used the vulnerability in a one-click phishing attack to deliver malware.

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) - Help Net Security

Google is rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability exploited by an APT group.

Fixing CVE-2025-2783 With Chrome Stable Channel Update

The Stable Channel Update for Chrome addresses CVE-2025-2783, fixing a critical security flaw.

Fixing CVE-2025-2783 With Chrome Stable Channel Update

The Stable Channel Update for Chrome addresses CVE-2025-2783, fixing a critical security flaw.

CVE-2025-2783 in Operation ForumTroll APT

Kaspersky’s GReAT experts have discovered the Operation ForumTroll APT attack, which used a zero-day vulnerability in Google Chrome.

Google Chrome Zero-Day Vulnerability Actively Exploited in the Wild

Google has released an urgent update for its Chrome browser to patch a zero-day vulnerability, known as CVE-2025-2783.

Google fixes Chrome zero-day exploited in espionage campaign

​Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser's sandbox and deploy malware in espionage attacks targeting Russian organizations.

Google Chrome Zero-day Vulnerability Exploited by Hackers in the Wild

Google has released an urgent security update for its Chrome browser after cybersecurity researchers at Kaspersky discovered.

Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks

Google fixed Chrome zero-day CVE-2025-2783 on Mar 20 after attacks exploited a sandbox bypass flaw.

Kaspersky discovers sophisticated Chrome zero-day exploit used in active attacks

Kaspersky has identified and helped patch a sophisticated zero-day vulnerability in Google Chrome (CVE-2025-2783) that allowed attackers to bypass the browser’s sandbox protection system. The exploit, discovered by Kaspersky’s Global Research and Analysis Team (GReAT), required no user interaction b...

Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky

Chrome vulnerability CVE-2025-2783 was chained with a second exploit for remote code execution in attacks targeting organizations in Russia.

Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

Kaspersky GReAT experts discovered a complex APT attack on Russian organizations dubbed Operation ForumTroll, which exploits zero-day vulnerabilities in Google Chrome.

Android Zygote Injection Flaw Lets Attackers Execute Code & Gain Elevated Privileges

A significant vulnerability in the Android operating system, identified as CVE-2024-31317, has been discovered, allowing attackers.

Android zero-day vulnerabilities actively abused. Update as soon as you can

Android's March 2025 security update includes two zero-days which are under active exploitation in targeted attacks.