Cybersecurity & Data Protection
2
UPVOTE
thehackernews.com

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Cybersecurity researchers have disclosed details of a now-patched security flaw in Google Chrome that could have permitted attackers to escalate privileges and gain access to local files on the system. The vulnerability, tracked as CVE-2026-0628 (CVSS score: 8.8), has been described as a case of insufficient policy enforcement in the WebView tag. It was patched by Google in early January 2026
New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
Noor Bakker

Noor Bakker

12d ago
2 0

Discussion

Leave the first comment

Be the first to leave a mark on this discussion.

No comments yet.

Be the first to share your take and keep the conversation moving.

Join the conversation

Log in or sign up to add your comment and participate in the discussion!

Log In Sign Up

UPVOTERS

Community appreciation

See who found this content valuable and showed their support.

MA

maya af

maya afUpvoted 11d ago0 comments · 12 shares
JO

jordan af

jordan afUpvoted 11d ago0 comments · 38 shares

TOPICS

Explore the same topics

Discover more content from the topics this post is mapped to.

bleepingcomputer.com
Hackers exploit auth bypass flaw in Burst Statistics WordPress …

Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. [. .. ]
Thanakorn Boon

Thanakorn Boon

1h ago
0
bleepingcomputer.com
Cisco warns of new critical SD-WAN flaw exploited in zero-day a…

Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks t…
Marcus Allen

Marcus Allen

3h ago
0
schneier.com
Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m giving a virtual talk on “The Security of Trust in the Age of AI, ” hosted by the Financ…
SS

Schneier on Security

7h ago
0
thehackernews.com
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phi…

The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active sin…
TN

The Hacker News

9h ago
0
bleepingcomputer.com
Dell confirms its SupportAssist software causes Windows BSOD cr…

Dell confirmed that its SupportAssist software is causing blue-screen crashes on some Windows systems following a wave of user reports about random reboots aff…
EK

Emma Klein

12h ago
0
thehackernews.com
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cach…

Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root…
Thanakorn Boon

Thanakorn Boon

15h ago
0

Keep browsing

Explore more from this topic

Dive into the full feed of curated posts covering Cybersecurity & Data Protection.

Browse Topics

RELATED CONTENT

Continue exploring

Discover more content that aligns with your interests and this post.

thehackernews.com
Ghostwriter Targets Ukrainian Government With Geofenced PDF Phi…

The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine. Active sin…
TN

The Hacker News

9h ago
0
thehackernews.com
New Fragnesia Linux Kernel LPE Grants Root Access via Page Cach…

Details have emerged about a new variant of the recent Dirty Frag Linux local privilege escalation (LPE) vulnerability that allows local attackers to gain root…
Thanakorn Boon

Thanakorn Boon

15h ago
0
thehackernews.com
Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Pat…

Microsoft has unveiled a new multi-model artificial intelligence (AI)-driven system called MDASH to facilitate vulnerability discovery and remediation at scale…
RM

ryan maybe

1d ago
0
thehackernews.com
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential …

Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code e…
CA

Carlos

2d ago
0
thehackernews.com
New TrickMo Variant Uses TON C2 and SOCKS5 to Create Android Ne…

Cybersecurity researchers have flagged a new version of the TrickMo Android banking trojan that uses The Open Network (TON) for command-and-control (C2). The n…
Thanakorn Boon

Thanakorn Boon

2d ago
0
thehackernews.com
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws …

A malicious Hugging Face repository managed to take a spot in the platform's trending list by impersonating OpenAI's Privacy Filter open-weight model to delive…
PR

phoebe rn

3d ago
0

Still curious?

See more related posts

Keep the inspiration flowing with fresh submissions and trending finds from the community.

View Latest