Zero-Day Alert Google Chrome Under Active Attack, Exploiting New Vulnerability


Google has released security upgrades to address seven vulnerabilities in the Chrome browser, one of which is a zero-day that is already being actively exploited in the wild.The high-severity vulnerability, tracked as CVE-2023-6345, has been identified as an integer overflow problem in the open-source 2D graphics package Skia.On November 24, 2023, Benoît Sevens and Clément Lecigne of Google’s Threat Analysis Group (TAG) are credited for finding and reporting it.

The search engine giant confirmed that “an exploit for CVE-2023-6345 exists in the wild,” as is customary, but it withheld more details on the type of assaults and the threat actors that could be using it as a weapon in actual attacks.

Read More…