Anonymous20 days ago
Google released an emergency Chrome update on March 12, 2026, patching two actively exploited zero-day vulnerabilities — CVE-2026-3909 in the Skia graphics library and CVE-2026-3910 in the V8 JavaScript engine — that expose an estimated 3.5 billion users to potential remote code execution. The dual zero-days, both carrying CVSS scores of 8.8, mark the second and third actively exploited Chrome flaws of 2026 and come amid a broader landscape in which commercial surveillance vendors have overtaken state-sponsored groups as the leading exploiters of zero-day vulnerabilities worldwide.