Browser Security

Firefox RCE Vulnerability Fixed

Nishant Sharma

18 Feb 2026 — 1 min read

This newsletter is AI generated and may hallucinate sometimes 😊

Koi to join Palo Alto Networks: A Defining Moment

Autonomous AI agents emerge as persistent actors with privileged access on evolving software endpoints.
Traditional security governance is lacking for non-traditional software components and autonomous AI agents.
New security paradigms are critically needed to address risks posed by these evolving endpoint actors.

Source: Koi | Date: February 17, 2026

Fake Milano Cortina sites target thousands with discount scams, cybersecurity firm says

Cybersecurity researchers identified a widespread phishing campaign exploiting Milano Cortina event interest.
Fraudulent websites trick users with discount scams, leading to financial loss or malware distribution.
Thousands of potential victims are targeted by fake sites mimicking official event pages.

Source: Reuters | Date: February 17, 2026

Firefox v147.0.3 Released With Fix for Heap Buffer Overflow Vulnerability

Mozilla released Firefox version 147.0.3, addressing a critical heap buffer overflow vulnerability identified as CVE-2026-25902.
This vulnerability, discovered by security researcher "pwn2oh", could potentially lead to remote code execution (RCE) or denial-of-service (DoS) if exploited.
Users are strongly advised to update their Firefox browsers immediately to the latest version to mitigate the risk posed by this high-severity flaw.

Source: CybersecurityNews | Date: February 19, 2026

References

Firefox v147.0.3 Released With Fix for Heap Buffer Overflow Vulnerability - CybersecurityNews
CVE-2026-25902 Entry - NVD/MITRE

Chrome Patches Critical V8 Zero-Day CVE-2026-2441 Under Active Exploit

This newsletter is AI generated and may hallucinate sometimes 😊 * Google has issued an urgent security update for Chrome to mitigate CVE-2026-2441, a critical type confusion vulnerability in the V8 JavaScript engine that is currently under active exploitation in the wild. * The flaw affects Chrome desktop versions prior to 122.0.

Chrome Patches Critical Zero-Day (CVE-2026-2441) Under Active Exploit

This newsletter is AI generated and may hallucinate sometimes 😊 Fake AI Chrome extensions with 300K users steal credentials, emails * 30 malicious Chrome extensions, posing as AI assistants, tricked over 300,000 users. * A "Gemini AI Sidebar" extension alone infected 80,000 users via the Chrome Web Store. * Extensions

Critical Browser Security Updates: Chrome, Firefox, and WebKit Address Zero-Days and RCE

This newsletter is AI generated and may hallucinate sometimes 😊 Brave launches most powerful search API for AI to date * Brave launched a new Search API featuring Zero Data Retention (ZDR) and SOC 2 Type II compliance. * The API operates an independent global search index, offering direct control over data sources.

Browser Security Roundup: Edge, Chrome Extensions, AI Phishing & React RCE

This newsletter is AI generated and may hallucinate sometimes 😊 zkLogin: when ZKP is not enough * Critical vulnerabilities discovered in zkLogin blockchain authorization, despite using zero-knowledge proofs. * Identified flaws include JWT parsing ambiguities, weak token binding, centralization risks, and impersonation attacks. * Zero-knowledge proofs alone do not guarantee secure authentication, due to

Koi to join Palo Alto Networks: A Defining Moment

Fake Milano Cortina sites target thousands with discount scams, cybersecurity firm says

Firefox v147.0.3 Released With Fix for Heap Buffer Overflow Vulnerability

References

Read more

Chrome Patches Critical V8 Zero-Day CVE-2026-2441 Under Active Exploit

Chrome Patches Critical Zero-Day (CVE-2026-2441) Under Active Exploit

Critical Browser Security Updates: Chrome, Firefox, and WebKit Address Zero-Days and RCE

Browser Security Roundup: Edge, Chrome Extensions, AI Phishing & React RCE