New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released

Google released security updates for Chrome addressing the actively exploited zero-day CVE-2026-2441 (use-after-free in CSS; CVSS 8.8), credited to researcher Shaheen Fazim, enabling remote code execution inside a sandbox via crafted HTML. Users should update to Chrome 145.0.7632.75/76 on Windows/macOS and 144.0.7559.75 on Linux, with similar updates advised for Chromium-based browsers (Edge, Brave, Opera, Vivaldi). The report also notes Apple’s recent patch for zero-day CVE-2026-20700 targeting older iOS versions.