Google has released a major security update for Google Chrome to address 21 vulnerabilities, including a dangerous zero-day flaw identified as CVE-2026-5281 that is already being actively exploited. This vulnerability is a use-after-free bug found in Dawn, an open-source implementation of the WebGPU standard used by Chrome. If successfully exploited, attackers can execute arbitrary code by tricking users into visiting a specially crafted HTML page, especially in cases where the browser’s renderer process has already been compromised.

Google has confirmed that exploitation is happening in the wild but has limited the disclosure of technical details to prevent further abuse by other threat actors. This approach is common in zero-day cases, giving users time to update their systems before more attackers attempt to weaponize the flaw. Notably, this is not an isolated incident, as Google has already patched several other actively exploited Chrome vulnerabilities earlier this year, showing a growing trend of browser-targeted attacks.

To stay protected, users are strongly encouraged to update Chrome to the latest available version immediately. The update is available for Windows, macOS, and Linux users, and can be installed by navigating to the browser settings and checking for updates. Users of other Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi should also apply updates as soon as they are released, since they may be affected by similar underlying issues.

Keeping your browser updated is one of the simplest yet most effective ways to protect against modern cyber threats. With zero-day vulnerabilities like CVE-2026-5281 being actively exploited, delaying updates can significantly increase the risk of compromise.

Source: https://thehackernews.com/2026/04/whatsapp-alerts-200-users-after-fake.html