New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released

Google released security updates for Chrome to fix CVE-2026-2441 (CVSS 8.8), a use-after-free in CSS actively exploited in the wild to enable arbitrary code execution inside the sandbox via crafted HTML; users should update to 145.0.7632.75/76 on Windows/macOS and 144.0.7559.75 on Linux, and apply patches across Chromium-based browsers as they become available.