August 27, 2024 at 06:24AM Google warns of an in-the-wild exploited bug, tracked as CVE-2024-7965, in Chrome 128.0.6613.84. The V8 JavaScript engine flawed implementation allows remote attackers to exploit heap corruption through crafted HTML pages, potentially executing code or accessing sensitive information. The US CISA added the bug to the Known Exploited Vulnerabilities catalog, urging … Read more
May 24, 2024 at 07:09AM Google has released fixes for a high-severity security flaw in its Chrome browser, identified as CVE-2024-5274, which has been exploited in the wild. The vulnerability is related to a type confusion bug in the V8 JavaScript and WebAssembly engine. This marks the fourth zero-day patched by Google this month. Users … Read more
May 14, 2024 at 07:40AM Google has patched a second zero-day vulnerability, CVE-2024-4761, in Chrome just days after fixing CVE-2024-4671. Both flaws were exploited in attacks, with CVE-2024-4761 described as a high-severity issue. An anonymous researcher reported the vulnerability, and an exploit for it has been developed, but its effectiveness is unknown. Eight zero-days targeted … Read more
May 14, 2024 at 04:11AM Google has released emergency security updates for its Chrome browser, addressing a high-severity zero-day vulnerability exploited in attacks. This comes after fixing another zero-day vulnerability just three days earlier. The latest bug, CVE-2024-4761, affects Chrome’s V8 JavaScript engine and allows out-of-bounds write issues, the sixth zero-day bug fixed in 2024. … Read more
April 3, 2024 at 12:40PM Google has resolved a zero-day vulnerability in Chrome, tracked as CVE-2024-3159, stemming from an out-of-bounds read weakness in the Chrome V8 JavaScript engine. The flaw allowed remote attackers to gain unauthorized access to data or trigger a crash. Google also addressed two other Chrome zero-days and two Android zero-days, underscoring … Read more
January 17, 2024 at 04:23PM Google has patched a high-severity zero-day bug in Chrome Web browser (CVE-2024-0519) actively exploited by attackers, enabling code execution and other cyberattacks. This is the first Chrome zero-day in 2024 and the second in less than a month. Chrome’s vulnerability disclosures increased over the years, making it a prime target … Read more
December 22, 2023 at 01:12PM Google has released an urgent update to address a critical vulnerability in Chrome, identified as CVE-2023-7024. This heap buffer overflow flaw in Chrome’s WebRTC module allows remote code execution. While the threat is significant, Chrome’s sandbox and site isolation features provide some protection. The bug also extends to Microsoft Edge, … Read more
December 21, 2023 at 05:51AM Google released emergency patches for the eighth zero-day vulnerability in Chrome this year. Tracked as CVE-2023-7024, it is a high-severity heap buffer overflow bug in the WebRTC component. The exploit is actively used and was reported by Google’s Threat Analysis Group. The latest Chrome version is 120.0.6099.129 for macOS and … Read more