Aggregator

A vulnerability marked as problematic has been reported in Google Chrome. This affects an unknown part of the component MHTML. Performing a manipulation results in permissive cross-domain policy with untrusted domains. This vulnerability is cataloged as CVE-2026-11195. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability labeled as problematic has been found in Google Chrome. Affected by this issue is some unknown functionality of the component Password Manager. Such manipulation leads to clickjacking. This vulnerability is listed as CVE-2026-11192. The attack may be performed from remote. There is no available exploit. The affected component should be upgraded.

A vulnerability identified as problematic has been detected in Google Chrome. Affected by this vulnerability is an unknown functionality of the component ANGLE. This manipulation causes out-of-bounds read. This vulnerability is tracked as CVE-2026-11191. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Google Chrome. Affected is an unknown function of the component SVG. The manipulation results in permissive cross-domain policy with untrusted domains. This vulnerability is identified as CVE-2026-11182. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Google Chrome. It has been rated as critical. This impacts an unknown function of the component Extensions. The manipulation leads to improper access controls. This vulnerability is referenced as CVE-2026-11190. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.

A vulnerability was found in Google Chrome. It has been declared as critical. This affects an unknown function of the component Glic. Executing a manipulation can lead to Remote Code Execution. The identification of this vulnerability is CVE-2026-11187. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Google Chrome. It has been classified as critical. The impacted element is an unknown function of the component Site Isolation. Performing a manipulation results in improper isolation or compartmentalization. This vulnerability was named CVE-2026-11174. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability was found in Google Chrome and classified as problematic. The affected element is an unknown function of the component Media. Such manipulation leads to permissive cross-domain policy with untrusted domains. This vulnerability is uniquely identified as CVE-2026-11176. The attack can be launched remotely. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability has been found in Google Chrome and classified as problematic. Impacted is an unknown function of the component Media Session. This manipulation causes permissive cross-domain policy with untrusted domains. This vulnerability is handled as CVE-2026-11181. The attack can be initiated remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability, which was classified as critical, was found in Google Chrome. This issue affects some unknown processing of the component Omnibox. The manipulation results in use after free. This vulnerability is known as CVE-2026-11177. It is possible to launch the attack remotely. No exploit is available. You should upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Google Chrome. This vulnerability affects unknown code of the component SVG. The manipulation leads to permissive cross-domain policy with untrusted domains. This vulnerability is traded as CVE-2026-11180. It is possible to initiate the attack remotely. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability classified as critical was found in Google Chrome. This affects an unknown part of the component ORB. Executing a manipulation can lead to improper isolation or compartmentalization. This vulnerability appears as CVE-2026-11179. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is advised.

New StorybyRoshan RajbanshibyRoshan Rajbanshi@RoshanRajbanshi_frqj97tcCybersecurity enthusiast | CT

New StorybyGeethaSreenivasaRaoRepallebyGeethaSreenivasaRaoRepalle@gs-repalle | Director- Enterprise

New StorybyPaulo RigonatobyPaulo Rigonato@paulorigonatoProfissional de segurança cibernética com fo

New StorybyFard JohnmarbyFard Johnmar@fjohnmar | Founder at Enspektos, LLCBuilder, futurist and fou

Your browser does not support the audio element.SpeedVoice

Let’s Encrypt has announced its roadmap for post-quantum Web PKI, centering on a novel approach called Merkle Tree Certificates (MTCs), a design that delivers quantum-resistant authentication without bloating TLS handshakes or breaking the web’s performance expectations. Traditional X.509 certificate chains require significant bandwidth, which would increase substantially with the adoption of robust post-quantum algorithms. MTCs […]

The post Let’s Encrypt Unveils Merkle Tree Certificates to Secure the Web Against Quantum Threats appeared first on Cyber Security News.

The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SMTP email relay network. "Compromised business servers across the U.S., Europe, and Asia were quietly converted into SMTP proxies, verified for mail relay capability, and synced to a downstream consumer every five minutes," Hunt.io said in

Threat Intelligence / Cloud SecurityThe threat actor known as PCPJack has hijacked cloud servers a