Browser Security

Chrome Patches Critical Zero-Day CVE-2026-5281 Actively Exploited

02 Apr 2026 — 3 min read

This newsletter is AI generated and may hallucinate sometimes 😊

Emergency Patch for Chrome Zero-Day (CVE-2026-5281) in Dawn Component

Google released an emergency patch for Chrome to address CVE-2026-5281, a high-severity type confusion vulnerability residing specifically within the browser's Dawn component.
The flaw allows for active exploitation in the wild, enabling attackers to execute arbitrary code or cause memory corruption in affected Chrome instances.
This critical vulnerability impacts Google Chrome across Windows, macOS, and Linux platforms, mandating prompt updates to the latest stable version.

Source: SecurityOnline.info | Date: April 01, 2026

CVE-2026-5281 has been confirmed as the fourth actively exploited zero-day vulnerability discovered in Google Chrome during 2026, highlighting a concerning trend of persistent threats.
The vulnerability is a type confusion bug in the Dawn component, presenting a significant risk of remote code execution or sandbox escapes.
Google's rapid response with stable channel updates (e.g., 123.0.6312.86) underscores the severity and active threat landscape for browser users.

Source: Security Affairs | Date: April 01, 2026

Google's Threat Analysis Group (TAG) attributed the malicious code injection into the popular Axios npm package to UNC1069, a North Korea-linked state-sponsored threat group.
The attackers specifically targeted repositories belonging to maintainers of the Axios project, aiming to distribute backdoored versions through the supply chain.
Developers using affected versions of Axios should verify their installations for compromise and update to clean versions to prevent potential client-side web application exploits.

Source: The Hacker News | Date: April 01, 2026

Anthropic confirmed that proprietary code for its Claude AI model was inadvertently leaked due to an npm packaging error, exposing sensitive internal project details.
The accidental publication of an internal package on npm contained the source code, posing a risk of intellectual property theft and potential vulnerability discovery by malicious actors.
While Anthropic stated no sensitive user data was exposed, the incident highlights supply chain risks even with internal package management.

Source: The Hacker News | Date: April 01, 2026

SentinelOne observed and blocked attacks involving a trojanized LiteLLM library, which was triggered by code related to the recently leaked Anthropic Claude AI source code.
This incident demonstrates the immediate exploitation potential following source code exposure, as attackers quickly weaponized elements of the leaked Claude AI data.
The detection underscores the importance of advanced endpoint protection capable of identifying and preventing exploits originating from supply chain compromises.

Source: Security Affairs | Date: April 01, 2026

Multiple vulnerabilities have been discovered in the PNG (Portable Network Graphics) image format specification, enabling attackers to cause denial-of-service or information leakage.
These flaws, if exploited, could lead to crashes in applications processing PNG files, including web browsers and image editors, disrupting user experience.
Users are advised to keep their operating systems, browsers, and image processing software updated to patched versions that address these newly identified PNG vulnerabilities.

Source: Cyber Security News | Date: April 01, 2026