Exploited Google Chrome zero-days added to US must-patch list

Two new serious vulnerabilities in the world's most popular web browser, Google Chrome, are under attack at the moment and ...
The Hacker News

Google Fixes Two Chrome Zero-Days Exploited in the Wild Affecting Skia and V8

Google patches two Chrome zero-days exploited in the wild, urging updates to version 146.0.7680.75/76 to prevent attacks.

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Google rushes Chrome update fixing two zero-days already under attack

CVE-2026-3909 is an out-of-bounds write flaw in Skia, the graphics library Chrome uses to render web content and parts of its ...
GovInfoSecurity

Breach Roundup: Russian State Actors Target Signal, WhatsApp

This week, Russian hackers targeted Signal and WhatsApp users, permit-fee phishing hit U.S. applicants, ClickFix on WordPress sites, Microsoft patched 80 bugs, a ...