Google publishes exploit code for unfixed chromium vulnerability

Google published proof-of-concept exploit code on Wednesday for a vulnerability in its Chromium browser that has gone unfixed for 29 months. The flaw affects Chrome, Microsoft Edge, and other Chromium-based browsers used by millions worldwide. It enables attackers to establish persistent connections for monitoring user activity and launching attacks.

The exploit targets the Browser Fetch programming interface, which handles background downloads of large files. Once activated, it creates a service worker that can reopen connections even after browser or device restarts. This setup allows a compromised device to join a limited botnet for proxying traffic or enabling denial-of-service attacks without granting deeper system access.

관련 기사

Illustration depicting the Linux CopyFail vulnerability enabling root access exploits alongside Ubuntu's DDoS-induced outage.
AI에 의해 생성된 이미지

Linux CopyFail exploit threatens root access amid Ubuntu outage

AI에 의해 보고됨 AI에 의해 생성된 이미지

A critical Linux vulnerability known as CopyFail, tracked as CVE-2026-31431, allows attackers to gain root access on systems running kernels since 2017. Publicly released exploit code has heightened risks for data centers and personal devices. Ubuntu's infrastructure has been offline for over a day due to a DDoS attack, hampering security communications.

A proof-of-concept exploit shows how websites can bypass safety guardrails in AI browsers by feeding them false information. The technique, called BioShocking, prompts the embedded AI models to accept incorrect facts such as 2 + 2 = 5, creating an alternate reality where restrictions no longer apply.

AI에 의해 보고됨

A newly discovered flaw in Trend Micro's Apex One allows hackers to inject malicious code. The zero-day vulnerability is being actively exploited.

A new Linux local privilege escalation vulnerability known as Fragnesia has been made public. The flaw is described as similar to Dirty Frag and involves an ESP/XFRM logic bug.

AI에 의해 보고됨

US federal agencies have disclosed that Russian military intelligence compromised thousands of small office and home routers, urging owners to take immediate protective measures.

이 웹사이트는 쿠키를 사용합니다

사이트를 개선하기 위해 분석을 위한 쿠키를 사용합니다. 자세한 내용은 개인정보 보호 정책을 읽으세요.
거부