Skip to content
Close Menu

    Subscribe to Updates

    Get the latest news from tastytech.

    What's Hot

    Dark Souls controls have ruined action games beyond Soulslikes

    July 6, 2026

    ‘Minion & Monsters’ Suffers Worst Opening in Franchise History

    July 6, 2026

    2026 Mazda CX-70 review | CarExpert

    July 6, 2026
    Facebook X (Twitter) Instagram
    Facebook X (Twitter) Instagram
    tastytech.intastytech.in
    Subscribe
    • AI News & Trends
    • Tech News
    • AI Tools
    • Business & Startups
    • Guides & Tutorials
    • Tech Reviews
    • Automobiles
    • Gaming
    • movies
    tastytech.intastytech.in
    Home»Tech Reviews»Google publishes exploit code threatening millions of Chromium users
    Google publishes exploit code threatening millions of Chromium users
    Tech Reviews

    Google publishes exploit code threatening millions of Chromium users

    gvfx00@gmail.comBy gvfx00@gmail.comMay 21, 2026No Comments2 Mins Read
    Share
    Facebook Twitter LinkedIn Pinterest Email



    Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other Chromium-based browsers.

    The proof-of-concept code exploits the Browser Fetch programming interface, a standard that allows long videos and other large files to be downloaded in the background. An attacker can use the exploit to create a connection for monitoring some aspects of a user’s browser usage and as a proxy for viewing sites and launching denial-of-service attacks. Depending on the browser, the connections either reopen or remain open even after it or the device running it has rebooted.

    Table of Contents

    Toggle
    • Unfixed for 29 months (and counting)
      • Related posts:
    • Today's NYT Strands Hints, Answer and Help for June 11 #830- CNET
    • OpenAI walks a tricky tightrope with GPT-5.1’s eight new personalities
    • Google is also removing apps used to report sightings of ICE agents

    Unfixed for 29 months (and counting)

    The unfixed vulnerability can be exploited by any website a user visits. In effect, a compromise amounts to a limited backdoor that makes a device part of a limited botnet. The capabilities are limited to the same things a browser can do, such as visit malicious sites, provide anonymous proxy browsing by others, enable proxied DDoS attacks, and monitor user activity. Nonetheless, the exploit could allow an attacker to wrangle thousands, possibly millions, of devices into a network. Once a separate vulnerability becomes available, the attacker could use it to then compromise all those devices.

    “The dangerous part here is that you can just have a lot of different browsers together that you can in the future run something on that you figure out,” said Lyra Rebane, the independent researcher who discovered the vulnerability and privately reported it to Google in late 2022 in an interview. She said using the exploit code Google prematurely published would be “pretty easy,” although scaling it to wrangle large numbers of devices into a single network would require more work. In the thread of Rebane’s disclosure to Google, two developers said in separate responses that it was a “serious vulnerability.” Its severity was rated S1, the second-highest classification.

    Since its reporting 29 months ago, the vulnerability remained unknown except to Chromium developers. Then on Wednesday morning, it was published to the Chromium bug tracker. Rebane initially assumed the vulnerability was finally fixed. Shortly thereafter, she learned that, in fact, it remained unpatched. While Google removed the post, it remains available on archival sites, along with the exploit code.

    Related posts:

    YouTube TV vs. Hulu Plus Live TV: Which Offers the Best Experience for Your Buck?

    Chaos erupts as cyberattack disrupts learning platform Canvas amid finals

    Microsoft will finally kill obsolete cipher that has wreaked decades of havoc

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticlePitt, Tarantino, and Fincher’s big movie hits IMAX before Netflix release
    Next Article SQL Window Functions Beyond Basics: Solving Real Business Problems
    gvfx00@gmail.com
    • Website

    Related Posts

    Tech Reviews

    Will ITV still be free? The massive Sky-ITV deal explained — and what it means for your favorite TV shows

    July 6, 2026
    Tech Reviews

    Best NVMe SSDs: 2026’s Top Five

    July 6, 2026
    Tech Reviews

    Critical Copilot vulnerability allowed hackers to steal 2FA code from users

    July 6, 2026
    Add A Comment
    Leave A Reply Cancel Reply

    Top Posts

    Black Swans in Artificial Intelligence — Dan Rose AI

    October 2, 2025206 Views

    Every Clue That Tony Stark Was Always Doctor Doom

    October 20, 2025129 Views

    We let ChatGPT judge impossible superhero debates — here’s how it ruled

    December 31, 2025100 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram

    Subscribe to Updates

    Get the latest tech news from tastytech.

    About Us
    About Us

    TastyTech.in brings you the latest AI, tech news, cybersecurity tips, and gadget insights all in one place. Stay informed, stay secure, and stay ahead with us!

    Most Popular

    Black Swans in Artificial Intelligence — Dan Rose AI

    October 2, 2025206 Views

    Every Clue That Tony Stark Was Always Doctor Doom

    October 20, 2025129 Views

    We let ChatGPT judge impossible superhero debates — here’s how it ruled

    December 31, 2025100 Views

    Subscribe to Updates

    Get the latest news from tastytech.

    Facebook X (Twitter) Instagram Pinterest
    • Homepage
    • About Us
    • Contact Us
    • Privacy Policy
    © 2026 TastyTech. Designed by TastyTech.

    Type above and press Enter to search. Press Esc to cancel.

    Ad Blocker Enabled!
    Ad Blocker Enabled!
    Our website is made possible by displaying online advertisements to our visitors. Please support us by disabling your Ad Blocker.