Find notable cyber news and cases, enriched with sources, timelines, and signals.

Chrome emergency zero-day patch (CVE-2026-3909, CVE-2026-3910)

Security Patch Release
First reported
Last updated
Happening score
H score 41
2 unique sources, 2 articles

Summary

Hide ▲

Google pushed an emergency Chrome update for Stable Desktop users on Windows, macOS, and Linux after confirming CVE-2026-3909 and CVE-2026-3910 are exploited in the wild. The patch reduces risk from Skia and V8 flaws that can lead to browser crashes or code execution. Google said the out-of-band rollout may take days or weeks, so users may need to check for updates manually.

Related Happenings

DuckDuckGo browser rolls out built-in YouTube ad blocking on iOS, Mac, Windows, and Android

Security Tool/Service
H score11 First: 08.07.2026 15:00 Last: 08.07.2026 15:00 Sources 1

About this happening: DuckDuckGo's browser added **built-in YouTube ad blocking**, reducing interruptions for people watching videos on the standard **YouTube** site. The rollout is enabled by default...

Google Chrome 149 security update

Security Patch Release
H score28 First: 12.06.2026 12:27 Last: 12.06.2026 12:27 Sources 1

About this happening: Google rolled out **Chrome 149** for **Windows, macOS, and Linux**, resolving **28 critical and high-severity vulnerabilities**. The update reduces risk from browser compromise, m...

Google security patch release for CVE-2026-11645

Security Patch Release
H score56 First: 09.06.2026 09:56 Last: 09.06.2026 09:56 Sources 1

About this happening: **Google** released **emergency Chrome updates** to fix **CVE-2026-11645**, a **zero-day** that had already been **exploited in the wild**. The patched release covers **Chrome Sta...

Google security patch release for CVE-2026-10881

Security Patch Release
H score26 First: 06.06.2026 10:28 Last: 06.06.2026 10:28 Sources 1

About this happening: Google shipped **Chrome 149** with patches for **429 security bugs**, including **CVE-2026-10881** in **ANGLE**, creating a broad browser update for users on **Linux, Windows, and...

ExploitBench benchmark shows frontier AI models can stage Chrome exploit chains against vulnerable V8 builds

Technical Analysis
H score16 First: 04.06.2026 16:00 Last: 04.06.2026 16:00 Sources 1

About this happening: Bugcrowd’s **ExploitBench** now shows frontier AI models can progress through staged **Google Chrome** exploit chains, raising the risk of faster **AI-assisted exploit development...

Timeline

  1. 13.03.2026 11:17 1 articles · 3mo ago

    Google reports Chrome zero-day findings in Skia and V8

    Initial Disclosure

    Google discovers and reports CVE-2026-3909, an out-of-bounds write vulnerability in the Skia 2D graphics library, and CVE-2026-3910, an inappropriate implementation vulnerability in the V8 JavaScript and WebAssembly engine, on March 10, 2026; both issues are reachable via crafted HTML pages.

    Show sources
  2. 13.03.2026 11:17 1 articles · 3mo ago

    Google ships Chrome fixes for exploited zero-days

    Mitigation Patch Update

    Google releases Chrome security updates for Windows, macOS, and Linux to fix CVE-2026-3909 and CVE-2026-3910, advising users to install 146.0.7680.75/76 on Windows and macOS or 146.0.7680.75 on Linux and relaunch the browser.

    Show sources
  3. 13.03.2026 08:56 2 articles · 3mo ago

    Google releases emergency Chrome patch for two exploited zero-days

    Mitigation Patch Update

    Google released emergency security updates for Chrome Stable Desktop on Windows, macOS, and Linux to fix CVE-2026-3909 in Skia and CVE-2026-3910 in the V8 JavaScript and WebAssembly engine after confirming exploits exist in the wild. The out-of-band update was rolled out within two days of reporting and may take days or weeks to reach all users, with version updates including 146.0.7680.75 and 146.0.7680.76.

    Show sources