Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2025-12447: Chromium: CVE-2025-12447 Incorrect security UI in Omnibox

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 142.0.3595.53 10/31/2025 142.0.7445.59/.60

Microsoft Security Response Center
Open in Source
#microsoft#chrome#Microsoft Edge (Chromium-based)#Security Vulnerability
CVE-2025-12446: Chromium: CVE-2025-12446 Incorrect security UI in SplitView

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 142.0.3595.53 10/31/2025 142.0.7445.59/.60

CVE-2025-12445: Chromium: CVE-2025-12445 Policy bypass in Extensions

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 142.0.3595.53 10/31/2025 142.0.7445.59/.60

CVE-2025-12444: Chromium: CVE-2025-12444 Incorrect security UI in Fullscreen UI

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 142.0.3595.53 10/31/2025 142.0.7445.59/.60

CVE-2025-12443: Chromium: CVE-2025-12433 Inappropriate implementation in V8

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 142.0.3595.53 10/31/2025 142.0.7445.59/.60

Trick, treat, repeat

Thor gets into the Halloween spirit, sharing new CVE trends, a “treat” for European Windows 10 users, and a reminder that patching is your best defense against zombie vulnerabilities.

New "Brash" Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL

A severe vulnerability disclosed in Chromium's Blink rendering engine can be exploited to crash many Chromium-based browsers within a few seconds. Security researcher Jose Pino, who disclosed details of the flaw, has codenamed it Brash. "It allows any Chromium browser to collapse in 15-60 seconds by exploiting an architectural flaw in how certain DOM operations are managed," Pino said in a

ThreatsDay Bulletin: DNS Poisoning Flaw, Supply-Chain Heist, Rust Malware Trick and New RATs Rising

The comfort zone in cybersecurity is gone. Attackers are scaling down, focusing tighter, and squeezing more value from fewer, high-impact targets. At the same time, defenders face growing blind spots — from spoofed messages to large-scale social engineering. This week’s findings show how that shrinking margin of safety is redrawing the threat landscape. Here’s what’s

Ex-L3Harris Cyber Boss Pleads Guilty to Selling Trade Secrets to Russian Firm

Peter Williams, a former executive of Trenchant, L3Harris’ cyber division, has pleaded guilty to two counts of stealing trade secrets and selling them to an unnamed Russian software broker.