Update Chrome Immediately to Fix This Zero-Day Exploit

Google is pushing an emergency patch for a zero-day vulnerability that has been exploited in the wild, and a second zero-day has been identified and is expected to be fixed in a future update.

Supply-chain attack using invisible code hits GitHub and other repositories

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Google rushes Chrome update fixing two zero-days already under attack

Google has pushed out an emergency Chrome update to fix two previously unknown vulnerabilities that attackers were already exploiting before the patches landed. The bugs, tracked as CVE-2026-3909 and ...

Google fixes two new Chrome zero-days exploited in attacks

Google has released emergency security updates to patch two high-severity Chrome vulnerabilities exploited in zero-day attacks.