The Hacker News

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...
SecurityWeek

Chrome 147 Patches 60 Vulnerabilities, Including Two Critical Flaws Worth $86,000

Google announced this week the first stable version of Chrome 147, which includes patches for 60 vulnerabilities, including ...

Chrome’s New Update Locks Down Your Login to End Session Theft Attacks

Google Chrome 146 gets DBSC (Device Bound Session Credentials) system to block infostealer malware seeking from stealing your ...

LinkedIn scanning users’ browser extensions sparks controversy and two lawsuits

LinkedIn is facing two lawsuits over its practice of scanning users’ browsers to determine which extensions they’re running.
Financial News

Google Fixes Fourth Actively Exploited Chrome Zero-Day in a Single Month

Security researchers have discovered a specific type of alert that they can decipher from a Google advisory. The language is ...
CSO Online

Google patches fourth Chrome zero-day so far this year

Google has patched another zero-day vulnerability in Chrome, its fourth this year. In patching the vulnerability, tracked as ...

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google patches 21 Chrome vulnerabilities, including an actively exploited zero-day flaw that could enable code execution and ...
TechBooky

Google Patches Fourth Chrome Zero-Day of 2026 as Attacks Keep Coming

Google has patched yet another actively exploited Chrome vulnerability its fourth zero-day of 2026 and the pattern is ...

Google Chrome’s secret loading feature could speed up browsing for you

Lazy loading takes a smarter approach. Instead of pulling in everything up front, the browser waits and loads content only when you are about to see it. So if a video or image sits further down the ...

Google fixes fourth Chrome zero-day exploited in attacks in 2026

In 2025, Google fixed a total of eight zero-days exploited in the wild, many of which were discovered and reported by ...
Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...