Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2025-12726: Chromium: CVE-2025-12726 Inappropriate implementation in Views.

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

Microsoft Security Response Center
Open in Source
#vulnerability#microsoft#chrome#Microsoft Edge (Chromium-based)#Security Vulnerability
CVE-2025-12725: Chromium: CVE-2025-12725 Out of bounds write in WebGPU

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

Researchers Find ChatGPT Vulnerabilities That Let Attackers Trick AI Into Leaking Data

Cybersecurity researchers have disclosed a new set of vulnerabilities impacting OpenAI's ChatGPT artificial intelligence (AI) chatbot that could be exploited by an attacker to steal personal information from users' memories and chat histories without their knowledge. The seven vulnerabilities and attack techniques, according to Tenable, were found in OpenAI's GPT-4o and GPT-5 models. OpenAI has

Should you let Chrome store your driver’s license and passport?

Chrome’s enhanced autofill makes storing your passport and ID easy—but convenience like this can come at a high cost.

Google Expands Chrome Autofill to Passports and Licenses, But Is It Safe?

Google Chrome browser’s new enhanced autofill feature can now remember and automatically fill in personal data such as…

New Dante Spyware Linked to Rebranded Hacking Team, Now Memento Labs

Kaspersky researchers uncovered Operation ForumTroll, an attack campaign utilising the new 'Dante' spyware developed by Memento Labs, the rebranded Hacking Team. The attacks used a Chrome zero-day vulnerability (CVE-2025-2783) and COM hijacking for persistence, confirming the continued deployment of advanced surveillance tools by the controversial Italian firm.

A week in security (October 27 – November 2)

A list of topics we covered in the week of October 27 to November 2 of 2025

Nation-State Hackers Deploy New Airstalk Malware in Suspected Supply Chain Attack

A suspected nation-state threat actor has been linked to the distribution of a new malware called Airstalk as part of a likely supply chain attack. Palo Alto Networks Unit 42 said it's tracking the cluster under the moniker CL-STA-1009, where "CL" stands for cluster and "STA" refers to state-backed motivation. "Airstalk misuses the AirWatch API for mobile device management (MDM), which is now

Update Chrome now: 20 security fixes just landed

Google’s latest Chrome release fixes seven serious flaws that could let attackers run malicious code just by luring you to a compromised page.

CVE-2025-12441: Chromium: CVE-2025-12441 Out of bounds read in V8

**What is the version information for this release?** Microsoft Edge Version Date Released Based on Chromium Version 142.0.3595.53 10/31/2025 142.0.7445.59/.60