Emergency Patches for Actively Exploited Chrome & WebKit 0-Days

Chrome Extension "Promptease" Intercepts Millions of Users' AI Chats

• The popular Chrome extension "Promptease," designed to enhance AI interactions, was found to be intercepting and transmitting millions of users' sensitive AI chatbot prompts and responses to remote servers.
• Researchers discovered the extension's malicious behavior, which included exfiltrating personally identifiable information (PII) and corporate intellectual property, posing significant privacy and security risks.
• Google has removed "Promptease" from the Chrome Web Store; users who installed it are strongly advised to uninstall it immediately and review their accounts for potential data compromise.

Source: The Hacker News | Date: December 16, 2025

Apple Patches Actively Exploited WebKit 0-Day Vulnerabilities (CVE-2025-14174, CVE-2025-43529)

• Apple released urgent security updates for iOS 19.2.1, iPadOS 19.2.1, macOS Sonoma 14.2.1, watchOS 10.2.1, tvOS 17.2.1, and Safari 17.2.1 to address two actively exploited WebKit zero-day vulnerabilities, CVE-2025-14174 and CVE-2025-43529.
• These vulnerabilities are memory corruption issues within the WebKit engine that could allow arbitrary code execution when processing maliciously crafted web content.
• CISA has added both CVEs to its Known Exploited Vulnerabilities Catalog, mandating federal agencies to apply patches by January 6, 2026, and strongly urging all users to update their devices.

Source: Help Net Security | Date: December 15, 2025

Google Chrome Issues Emergency Patch for Actively Exploited Zero-Day Vulnerability

• Google released an out-of-band security update for its Chrome browser to address an undisclosed zero-day vulnerability that was actively exploited in the wild, without publicly sharing a specific CVE ID at the time of reporting.
• The emergency patch highlights the critical nature of the flaw, which could potentially allow attackers to execute arbitrary code or compromise user data through crafted web content.
• Users are strongly advised to update their Chrome browsers immediately to the latest version to mitigate the risk posed by this actively exploited vulnerability.

Source: The Register | Date: December 15, 2025

Browser Extension Security Risks Highlighted by ShadyPanda Campaign

• The "ShadyPanda" campaign serves as a critical reminder of the extensive security risks associated with malicious browser extensions, which can be leveraged for data theft, credential harvesting, and session hijacking.
• Attackers in the ShadyPanda campaign employed sophisticated social engineering to trick users into installing rogue extensions that then exploited broad permissions to compromise sensitive user data and online activities.
• Security experts recommend users diligently review permissions before installing extensions, utilize strong browser security features, and regularly audit all installed extensions to safeguard against such threats.

Source: The Hacker News | Date: December 17, 2025

References

1. Featured Chrome Browser Extension Caught Intercepting Millions of Users' AI Chats - The Hacker News
2. Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529) - Help Net Security
3. Apple fixes two Webkit Vulnerabilities - The CyberThrone
4. Apple, Google forced to issue emergency 0-day patches - The Register
5. U.S. CISA adds Apple and Gladinet CentreStack and Triofox flaws to its Known Exploited Vulnerabilities catalog - Security Affairs
6. Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More - The Hacker News
7. A Browser Extension Risk Guide After the ShadyPanda Campaign - The Hacker News