Google rushed out an emergency Chrome update after discovering attackers are actively exploiting a critical zero-day vulnerability. The flaw, CVE-2026-2441, is a use-after-free bug in Chrome's CSS handling that lets hackers execute malicious code remotely.
Researcher Shaheen Fazim reported the vulnerability just five days ago on February 11, 2026. Attackers are already weaponizing it in the wild, likely combining it with other exploits to break out of Chrome's security sandbox and gain system-level access on Windows, Mac, and Linux.
The patched versions are now rolling out: 145.0.7632.75/.76 for Windows and Mac, 144.0.7559.75 for Linux. Users should update immediately through Chrome's settings or let auto-updates handle it. Organizations need to prioritize this patch and watch for suspicious network activity.
Source: Cybersecurity News