Apple and Google have released several software updates to protect against a hacking campaign targeting an unknown number of their users.
On Wednesday, Google released patches for a handful of security bugs in its Chrome browser, noting that one of the bugs was being actively exploited by hackers before the company had time to patch it. Unusually for Google, the company provided no further details at the time.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap
June 19, 2026
Apple has patched a Bluetooth flaw in Beats Studio Buds that could potentially turn your earbuds into a nearby wiretap. When you buy a pair of Bluetooth earbuds, you expect them to play your music and your calls—not someone else’s. But a vulnerability in Apple’s Beats Studio Buds shows how that trust can be abused, turning ...
- Hijacking Vertex AI Model Uploads for Cross-Tenant RCE
June 16, 2026
Palo Alto Unit42 discovered a vulnerability in the Google Cloud Vertex AI software development kit (SDK) for Python, and responsibly disclosed it to Google. Before Google’s fix, the vulnerability would have allowed an attacker operating entirely from their own Google Cloud project to hijack a victim’s model upload and poison it. By exploiting this flaw ...
- CISA gives US federal agencies three days to fix a VPN bug under attack by a ransomware gang
June 9, 2026
A ransomware group is actively exploiting an unpatched flaw in security tools used across the U.S. federal government, prompting the U.S. cybersecurity agency CISA to order all civilian agencies to remediate the vulnerability by end of day Wednesday. Cybersecurity firm Check Point Software said the bug affects several of its remote access tools, firewalls, and VPNs, which act as ...
- Chrome’s zero-day Whac-A-Mole continues with fifth exploited bug of the year
June 9, 2026
Google has fixed its fifth actively exploited Chrome zero-day of 2026, and this one earned its finder a $55,000 bounty. The flaw, tracked as CVE-2026-11645, is an out-of-bounds memory access bug in Chrome’s V8 JavaScript engine. Google confirmed that the vulnerability is being exploited in the wild, but has disclosed little beyond the bare technical details. Read ...
- Update Chrome now: Critical bugs could let attackers run code
May 22, 2026
Google has issued updates for the Chrome browser patching a number of high‑severity vulnerabilities. The update includes fixes for two critical vulnerabilities that can be used for remote code execution just by visiting a malicious website. The stable channel has been updated to 148.0.7778.178/179 for Windows/Mac and 148.0.7778.178 for Linux, which will roll out over the coming weeks. Read more… Source: ...
- Patch time for Cisco SD-WAN admins as vendor drops yet another make-me-admin zero-day
May 15, 2026
Cisco admins face emergency patch duty after Switchzilla disclosed a max-severity make-me-admin bug affecting Catalyst SD-WAN Controller and Manager. Switchzilla dropped an advisory for CVE-2026-20182 (10.0) on Thursday, saying that both components, formerly known as vSmart and vManage, were vulnerable in all deployment types, and that fixes were available. The bug allows unauthenticated remote attackers to bypass authentication and ...