The vulnerability, tracked as CVE-2025-2783, was chained with a second exploit for remote code execution in attacks in Russian.
The post Google Patches Chrome Sandbox Escape Zero-Day Caught by Kaspersky appeared first on SecurityWeek.
Seraphic Attracts $29M Investment to Chase Enterprise Browser Business
Seraphic Security banks $29 million investment as VCs remain bullish on startups with security-themed browsers for corporate defenders.
The post Seraphic Attracts $29M Investment to Chase Enterprise Browser Business appeared first on SecurityWeek.
Microsoft Says North Korean Cryptocurrency Thieves Behind Chrome Zero-Day
Redmond’s threat intel team said exploitation of CVE-2024-7971 can be attributed to a North Korean APT targeting the cryptocurrency sector for financial gain.
The post Microsoft Says North Korean Cryptocurrency Thieves Behind Chrome Zero-Day appeared first on SecurityWeek.
Google Catches Russian APT Reusing Exploits From Spyware Merchants NSO Group, Intellexa
Google TAG publishes evidence showing identical or striking similarities between exploits used by Russia’s APT29 and commercial spyware vendors.
The post Google Catches Russian APT Reusing Exploits From Spyware Merchants NSO Group, Intellexa appeared first on SecurityWeek.
Island Secures $175M Investment as Enterprise Browser Startups Defy Tech Giants
Despite competitive pressures from industry behemoths like Microsoft and Google, investors are still betting big on startups in the specialized enterprise browser space.
The post Island Secures $175M Investment as Enterprise Browser Startups Defy Tech Giants appeared first on SecurityWeek.
Chrome Update Patches Zero-Day Vulnerabilities Exploited at Pwn2Own
Google ships a security-themed Chrome browser refresh to fix flaws exploited at the CanSecWest Pwn2Own hacking contest.
The post Chrome Update Patches Zero-Day Vulnerabilities Exploited at Pwn2Own appeared first on SecurityWeek.
Orca Flags Dangerous Google Kubernetes Engine Misconfiguration
Attackers could take over a Kubernetes cluster if access privileges are granted to all authenticated users in Google Kubernetes Engine.
The post Orca Flags Dangerous Google Kubernetes Engine Misconfiguration appeared first on SecurityWeek.
Google Warns of Chrome Browser Zero-Day Being Exploited
The exploited zero-day, tagged as CVE-2024-0519, is described as an out-of-bounds memory access issue in the V8 JavaScript engine.
The post Google Warns of Chrome Browser Zero-Day Being Exploited appeared first on SecurityWeek.
Chrome and Its Vulnerabilities – Is the Web Browser Safe to Use?
Why are there so many vulnerabilities in Chrome? Is it realistically safe to use? Can Google do anything to make the web browser safer?
The post Chrome and Its Vulnerabilities – Is the Web Browser Safe to Use? appeared first on SecurityWeek.
Google Warns of New Chrome Zero-Day Attack
The high-severity vulnerability, tracked as CVE-2023-2033, is described as a type confusion in the Chrome V8 JavaScript engine.
The post Google Warns of New Chrome Zero-Day Attack appeared first on SecurityWeek.