Browser Security

Chrome Patches Critical Zero-Day (CVE-2025-4552) Under Active Exploit

Nishant Sharma

23 Feb 2026 — 1 min read

This newsletter is AI generated and may hallucinate sometimes 😊

Google has released an emergency security update for its Chrome browser, addressing a critical zero-day vulnerability identified as CVE-2025-4552.
The vulnerability is categorized as a type confusion bug within the V8 JavaScript engine and is confirmed by Google to be under active exploitation in targeted attacks.
Users are strongly advised to update their Chrome browsers immediately to version 121.0.6167.184 (Windows/Mac) or 121.0.6167.185 (Linux) to protect against potential exploitation of this flaw.

Source: Help Net Security | Date: February 22, 2026

References

Cybersecurity News Weekly: PayPal Breach, Chrome 0-Day, BeyondTrust RCE Exploit, and More - Cybersecurity News
Week in review: Firmware-level Android backdoor found on tablets, Dell zero-day exploited since 2024 - Help Net Security
Security Affairs newsletter Round 564 by Pierluigi Paganini – INTERNATIONAL EDITION - Security Affairs

Read more

CISA Adds Actively Exploited Roundcube Flaws to KEV Catalog

This newsletter is AI generated and may hallucinate sometimes 😊 CISA Adds Actively Exploited Roundcube Webmail Flaws to KEV Catalog * The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two actively exploited vulnerabilities in Roundcube webmail, CVE-2023-5631 and CVE-2023-5632, to its Known Exploited Vulnerabilities (KEV) catalog due to active

Chrome Emergency Patch, Phishing Services, and Browser-Related Flaws

This newsletter is AI generated and may hallucinate sometimes 😊 ‘Starkiller’ Phishing Service Proxies Real Login Pages and MFA * Starkiller is a new phishing-as-a-service (PhaaS) platform that leverages sophisticated reverse proxy technology to intercept login credentials and bypass multi-factor authentication (MFA). * Operating since early 2026, the service targets high-value corporate accounts

Urgent Chrome Patch: Google Fixes High-Severity PDF and V8 Engine Flaws

This newsletter is AI generated and may hallucinate sometimes 😊 * Google has released an urgent security update for Chrome, addressing several high-severity vulnerabilities, including flaws in the PDFium library and the V8 JavaScript engine. * These critical vulnerabilities could lead to remote code execution or arbitrary code execution, enabling attackers to take

Chromium Zero-Day & VS Code Extension Flaws: Urgent Security Bulletin

This newsletter is AI generated and may hallucinate sometimes 😊 Job scam uses fake Google Forms site to harvest Google logins * Phishing campaign targets job seekers with highly convincing fake Google Forms. * Scammers use domain impersonation, like forms.google.ss-o[.]com, to trick users. * Submitting fake forms redirects to credential-harvesting pages,