Google has released a major security update for Google Chrome Stable Channel, addressing 151 vulnerabilities, including 22 critical flaws impacting core graphics, networking, media, and user interface components across Windows, macOS, and Linux platforms.
Critical Vulnerabilities Addressed in Chrome Update
Google has patched three Critical-severity vulnerabilities in Google Chrome that could potentially allow attackers to execute arbitrary code or compromise affected systems.
CVE-2026-7896 – An integer overflow vulnerability in the Blink rendering engine. The flaw was reported by an external security researcher on March 18 and was significant enough to receive a $43,000 bug bounty reward from Google.
CVE-2026-7897 – A use-after-free vulnerability affecting the Chrome Mobile component, internally identified by Google on April 18.
CVE-2026-7898 – A use-after-free vulnerability in Chromoting (Chrome Remote Desktop), internally discovered by Google on April 20.
Successful exploitation of these vulnerabilities could lead to memory corruption, application crashes, or remote code execution under certain conditions. Users and organizations are strongly advised to update Chrome to the latest available Stable release immediately.
Fixed Software Versions
Versions Google Chrome 148.0.7778.215 for Android and Linux, 148.0.7778.215/216 for macOS, and 148.0.7778.216/217 for Windows contain the bug fixes, as Google writes in the release announcement. For Android and iOS, Google is also distributing browsers of the 149 version branch in smaller waves.
The update for the Chromium-based web browsers is usually initiated by the version dialog, which is hidden behind “Help” and then “About” or “Info” on the respective browser name in the browser menu (usually an icon with three stacked dots or lines). On Linux, the distribution’s software management is usually responsible for this. However, updates often arrive with a delay in Apple’s and Google’s app stores; acceleration cannot be forced.
Those who use Chrome-based web browsers like Microsoft Edge should also check here whether the manufacturer has already distributed the updates.
Chrome updates:
According to Chrome’s advisory, the detected bugs were uncovered using automated fuzzing and sanitizer tools such as AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, libFuzzer, and AFL, underscoring the scale of Google’s proactive security testing infrastructure.
Users across Windows, Mac, and Linux should immediately update to Chrome 148.0.7778.96/97 to remediate these vulnerabilities.
The next stable release, Chrome 149, is scheduled for June 2, 2026. Users can update via Settings → Help → About Google Chrome, which triggers an automatic download and install.
FortiGuard Labs recently identified a phishing campaign distributing a PureLogs variant designed to collect sensitive data from the victim’s device. The analysis provides an in-depth examination of the campaign, including the phishing emails and the mechanisms by which the JavaScript file operates on the victim’s device
This campaign uses deceptive emails disguised as purchase orders, a tactic commonly used to trick recipients into opening malicious attachments.
Infection Chain
Figure 1 illustrates the infection chain of this phishing email campaign.
(Fortinet)
Step-by-Step Attack Flow of the PureLogs Campaign
This campaign employs a sophisticated multi-stage attack chain that begins with a phishing email delivering a malicious JavaScript file.
The JavaScript decrypts and launches a PowerShell script, which then uses process hollowing to inject a .NET downloader into the legitimate Windows process MsBuild.exe. The downloader communicates with a remote C2 server to fetch and execute additional plugin modules, enabling flexible post-compromise operations.
The attack leverages multiple encryption layers, fileless execution, and process hollowing techniques, making it highly evasive and difficult for traditional signature-based security solutions to detect.
Organizations are advised to strengthen email filtering, restrict unnecessary script execution, and monitor for suspicious PowerShell activity and process hollowing behavior.
The use of multiple encryption layers, fileless execution, and process hollowing techniques makes this campaign highly evasive and difficult for traditional signature-based security solutions to detect. Organizations are advised to enforce email filtering, disable unnecessary script execution, and monitor for anomalous PowerShell activity and process hollowing.
PureLogs Attack scenario
The attack begins with a fake purchase order email. Fortinet observed an attached archive named PO 2026-P0803.rar, which carried a malicious JavaScript file called kpankocrs.js.
When the victim opens the script, it decrypts PowerShell code and writes it to a randomly named .ps1 file in the C:\Temp folder. The script then runs PowerShell with flags that bypass execution policy, hide the window, and avoid loading a user profile.
From there, the PowerShell stage decodes and decrypts more content. It loads .NET modules directly in memory, which helps the campaign reduce obvious files on disk and avoid simpler signature-based detection.
MsBuild.exe Is Useful to Attackers
MsBuild.exe is a legitimate Microsoft build utility commonly used to compile and build applications. Because it is a trusted Windows component frequently seen in enterprise environments, attackers often abuse it to disguise malicious activity under the appearance of normal system operations.
In this campaign, the threat actors leveraged the hardcoded path C:\Windows\Microsoft.NET\Framework\v4.0.30319\MsBuild.exe as the target for process hollowing. According to Fortinet’s analysis, the PowerShell stage creates a suspended MsBuild.exe process and injects malicious .NET code into it before execution resumes.
The abuse of legitimate Windows binaries like MsBuild.exe allows attackers to blend into normal system activity, making detection significantly harder if organizations are not actively monitoring process behavior, parent-child relationships, and suspicious network communications.
Process Hollowing Helps PureLogs Evade Detection
Process hollowing is a stealth-focused process injection technique that allows malware to operate from within a legitimate process. The attacker launches a trusted application in a suspended state, replaces its memory with malicious code, and then resumes execution.
MITRE ATT&CK identifies process hollowing as a common defense evasion technique used to bypass traditional security controls. Fortinet observed several APIs associated with this activity, including CreateProcessA, ZwUnmapViewOfSection, WriteProcessMemory, SetThreadContext, and ResumeThread.
As a result, security tools may only detect a seemingly legitimate MsBuild.exe process, while the malicious payload executes silently within it. This deceptive behavior complicates both automated detection and manual incident analysis.
Information PureLogs Steals
PureLogs is a .NET-based information stealer designed to harvest sensitive system and user data from infected devices. Once deployed through the downloader module, the malware collects, compresses, encrypts, and exfiltrates data to its command-and-control (C2) infrastructure.
The malware gathers extensive host information, including screenshots, antivirus details, operating system data, processor information, usernames, screen resolution, memory size, clipboard contents, and system timestamps.
Italian digital forensics firm Forenser has uncovered a sophisticated zero-click attack campaign thatenables threat actors to covertly compromise WhatsApp accounts while legitimate users remain actively logged in and unaware of the intrusion.
The incidents primarily affected iPhone users running iOS 16, spanning devices from the iPhone 8 through the iPhone 14 series. Victims reported unauthorized WhatsApp messages requesting money transfers being sent from their accounts, despite no unfamiliar sessions or devices appearing within the app’s “Linked Devices” section.
What did researchers identified
Forensics ’ analysis identified unusual “resync” events in iOS unified logs, indicating that both the victim’s device and the attacker’s client were simultaneously competing to maintain control over the same WhatsApp session.
The attack chain combined two separate vulnerabilities to achieve a stealthy WhatsApp account takeover on vulnerable iPhones.
The first flaw, CVE-2025-43300, is an out-of-bounds write vulnerability within Apple’s ImageIO framework, a core iOS component responsible for processing image files.
By exploiting this ImageIO flaw, attackers could potentially execute malicious code on targeted iPhones without requiring any user interaction, making it a true zero-click exploit.
The second vulnerability, CVE-2025-55177, affected WhatsApp’s linked-device synchronization mechanism on iOS devices running versions earlier than iOS 16.7.12.
Attackers reportedly leveraged this WhatsApp synchronization weakness to secretly instantiate and maintain unauthorized WhatsApp sessions on compromised devices. The chained exploitation enabled threat actors to bypass normal WhatsApp security visibility, meaning compromised sessions did not appear under the app’s “Linked Devices” section.
Impact on Users
Attackers can gain full access to a victim’s WhatsApp account without the user clicking any link or opening any file.
Victims may not receive any warning, notification, or suspicious login alert during the compromise.
The hijacked session does not appear under WhatsApp’s “Linked Devices,” making detection extremely difficult.
Cybercriminals can impersonate victims and send fraudulent messages to contacts requesting money transfers or sensitive information.
Personal conversations, shared media, and confidential data may be exposed to attackers.
Users can experience ongoing session instability due to simultaneous access attempts between the legitimate device and the attacker.
Traditional phishing awareness offers limited protection because the exploit requires zero user interaction.
Individuals running outdated or unpatched iOS 16 versions face a significantly higher risk of compromise.
Financial fraud risks increase as attackers exploit trust between victims and their contacts.
Business users may face corporate data exposure, reputational damage, and unauthorized access to sensitive communications.
The attack demonstrates how mobile messaging platforms are increasingly becoming high-value targets for sophisticated cybercriminals. It highlights the critical importance of rapid OS updates, mobile threat monitoring, and secure communication practices.
Reminder for Organization on timely patching
This incident serves as a critical reminder for organizations that making timely patch management and proactive mobile security essential components of enterprise defense strategies.
The importance of adopting proactive threat intelligence, incident response readiness and Zero Trust security principles cannot be neglected.
When it is essential to defend against increasingly advanced attacks targeting communication platforms and sensitive business data in modern cyber warfare.
NGINX rewrite module, is used to redirect or modify web requests.
The NGINX vulnerability known as CVE-2026-42945, is a programming mistake in the software where it writes or reads more data in memory than it should, causing a heap buffer overflow and is 18 year old, where in certain rewrite rules are configured in a vulnerable way.
This enables attackers to send specially crafted network requests that cause the NGINX server process to crash. Further attackers don’t need any authentication to send malformed requests to servers. The vulnerability was discovered with the help of AI models in recent months, missed by scanners and humans over the years.
The attack can be leveraged & Potential Impact
Nginx is one of the most popular web servers, powering almost one third of all websites on the internet, and is integrated into many commercial products as well.
Crash or restart the NGINX server remotely
Cause websites or applications to become unavailable
Launch Denial-of-Service (DoS) attacks
In worst case if a Windows/Linux security protection called ASLR (Address Space Layout Randomization) is disabled:
Attackers may be able to run malicious code on the server
This could potentially lead to full server compromise
Attackers require no authentication and can be performed remotely, while 5.7 million internet-facing NGINX servers may be exposed
Exploitation is already happening in real-world attacks
The vulnerable code has reportedly existed for nearly 18 years
Vulnerability
Details
CVE ID
CVE-2026-42945
Severity
High / Critical
Affected Product
NGINX OSS & NGINX Plus
Impact
DoS / Possible Remote Code Execution
Attack Requirement
Specially crafted web requests
Authentication Needed
No
Researchers also found additional medium-severity vulnerabilities affecting:
HTTP/3 QUIC module
HTTP/2 proxy mode
SSL module
SCGI and uWSGI modules
Charset handling module
These may cause:
Memory exhaustion
Data leakage
Spoofing attacks
Service instability
This causes a buffer overflow in the NGINX worker process, meaning the server tries to handle more data than expected in memory. As a result, the NGINX service crashes and restarts, causing a Denial-of-Service (DoS) condition.
Immediate Patching Recommendation
Upgrade to the latest patched NGINX versions immediately.
Review and modify vulnerable rewrite rules.
Restrict unnecessary internet exposure of NGINX servers.
Monitor for unexpected NGINX crashes or restarts.
Ensure ASLR and other OS-level security protections remain enabled.
The recently disclosed NGINX vulnerability (CVE-2026-42945) affecting the ngx_http_rewrite_module can allow unauthenticated attackers to remotely crash vulnerable servers and, in certain conditions, potentially execute malicious code.
How GaarudNode Helps Secure Against This Vulnerability
GaarudNode helps organizations proactively identify, prioritize, and remediate such vulnerabilities across the complete application and infrastructure lifecycle through its unified Shift-Left and Shift-Right security capabilities.
Security Capability
How It Helps
Continuous OS & Infrastructure Vulnerability Scanning
Detects vulnerable NGINX OSS and NGINX Plus versions across servers, containers, and cloud workloads
Missing Patch Detection
Identifies systems missing critical NGINX security updates and tracks remediation status
Misconfiguration Assessment
Detects insecure rewrite rules and vulnerable NGINX configurations that may trigger the flaw
CSPM (Cloud Security Posture Management)
Identifies internet-exposed NGINX instances and insecure cloud deployments
Network Security Visibility
Detects externally exposed web services and risky attack surfaces
Runtime Monitoring (Shift Right)
Monitors abnormal NGINX crashes, unexpected restarts, and suspicious traffic patterns linked to exploitation attempts
Risk Prioritization
Correlates internet exposure, vulnerable configurations, and exploitability to prioritize remediation
Unified Risk Dashboard
Provides centralized visibility across applications, infrastructure, cloud, OS, and network risks
A newly disclosed Windows zero-day vulnerability named ‘MiniPlasma’ allows attackers to gain SYSTEM-level privileges on fully patched Windows 11 systems.
The vulnerability affects the Windows Cloud Files Mini Filter Driver (cldflt.sys), a core component used by cloud synchronization services such as Microsoft OneDrive.
Researchers released a public proof-of-concept (PoC) exploit, increasing the risk of real-world exploitation by threat actors and ransomware groups.
The flaw enables a normal user account to escalate privileges without requiring administrator access, making it highly dangerous in enterprise environments.
The exploit reportedly abuses:
Weak access validation
Registry interactions
Undocumented Windows APIs
Logic flaws in the cloud synchronization subsystem
How enterprise will address the risk
Researchers claim the same underlying weakness still exists and remains exploitable.The vulnerability is still present in fully patched systems running the latest May 2026 updates. The original proof-of-concept code published by Forshaw worked without modification.
The flaw allows attackers with physical access to bypass BitLocker protections and gain unrestricted shell access to encrypted volumes through the Windows Recovery Environment (WinRE).
The attack is triggered by placing specially crafted files inside a specific directory on a USB drive or directly in the EFI partition.
The flaw is disturbing as the vulnerable component exists exclusively within the WinRE image, not in standard Windows installations, and an identical component appears in normal installations but without the triggering functionality.
Microsoft has not publicly addressed the claim and neither dedicated emergency patch or confirmed whether MiniPlasma represents a new vulnerability class .
New malware TencShell, a previously undocumented, Go-based implant derived from the open-source Rshell C2 framework targets manufacturing based enterprises. The malware’s activity appeared in traffic associated with a third-party user connected to the customer environment. The malware framework is based on screen control, browser artifact access and User Account Control (UAC) bypass that highlights how attackers are increasingly adapting open-source tools for real-world intrusions. Their attack pattern reveal careful design that can blend into normal enterprise traffic.
The tactics was revealed in April 2026, when Cato CTRL identified and blocked an attempted intrusion against a global manufacturing customer involving TencShell.
The malware has been previously undocumented, Go-based implant derived from the open-source Rshell C2 framework.
The activity appeared in traffic associated with a third-party user connected to the customer environment.
Malware attack chain
The attack chain used a first-stage dropper, Donut shellcode, a masqueraded .woff web-font resource, memory injection, and web-like C2 communication.
Activity noticed an suspected China-linked based on the apparent Rshell lineage, Tencent-themed API impersonation, and infrastructure patterns, While this pattern is relevant to our suspected China-linked assessment, it is not sufficient on its own for attribution.
If successful, TencShell could have given the attacker remote command execution, in-memory payload execution, proxying, pivoting, system profiling, and a path to deploy additional tooling. We blocked the attempt before the attacker could establish durable remote control.
Command & control framework
A C2 framework deployed through third-party access can turn a trusted business connection into an attacker-controlled bridge.
According to Cato CTRL, TencShell is a customized, Go-based implant derived from the open-source Rshell in C2 framework.
Security analysts suspect the malware has ties to Chinese threat actors, largely due to its infrastructure patterns and its clever impersonation of Tencent API services, which are designed to camouflage malicious communication.
If TencShell had installed successfully, the attacker could potentially execute commands, inspect files, steal credentials or session material, stage additional tools, proxy traffic through the endpoint, and move toward internal systems that are not directly exposed to the internet.
Business Riskfor manufacturers posed by the Malware
From the standpoint of manufacturers across the globe, the business risk extends beyond. If any endpoint connected is compromised to a regional site can further expose supplier relationships, production workflows, intellectual property, customer data, logistics processes and business continuity.
The C2 framework gives the attacker the control needed to decide what comes next.
What can attackers do from operational standpoint
To evade endpoint defenses, attackers can execute inline binaries, load dynamic link libraries and run .NET assemblies directly from memory.
The framework also enables operators to establish SOCKS5 proxies, allowing them to tunnel traffic and pivot deeper into segmented internal systems.
TencShell is derived from Rshell, an open-source Go-based C2 framework designed for cross-platform offensive security use. The original Rshell project includes remote command execution, file and process management, terminal access, in-memory payload execution, multiple C2 transports, and an MCP server. The version we observed was customized and repackaged for this operation, with communication and delivery changes that made it more suitable for the attacker’s campaign.
Embedded Go source paths in TencShell exposed the Reacon project structure and the threat actor user, as shown in Figure 1.
Figure 1. TencShell Go paths revealing the threat actor’s REACON project
Conclusion: The framework for Malware classification system (MCS) if adopted to analyze malware behavior dynamically using a concept of information theory and a machine learning technique will be useful for manufacturing organizations.
Any proposed framework will extracts behavioral patterns from execution reports of malware in terms of its features and generates a data repository. The specific aim of any proposed framework detects the family of unknown malware samples after training of a classifier from malware data repository.
Security researchers have the opinion, attackers no longer need custom malware development pipelines to conduct sophisticated intrusions. Adaptable open-source tooling is often enough for implementation and TencShell appears to have been customized from Rshell into a practical post-exploitation implant with web-like C2 communication. This assited the attacker to adapt available offensive tooling and attempted to blend the activity into normal enterprise traffic.
Google Threat Intelligence Group (GTIG) has tracked and found how attackers have models pose as security researchers or firmware experts to perform analyses on embedded systems and protocols. The zeroday exploit set to target popular open-source web administration tool, generated using AI. Observations revealed hackers are deploying agentic tools to partially automate research and exploit validation.
This shifts AI from a passive assistant to a system that independently executes parts of offensive workflows.
Theis report provide insights derived from Mandiant incident response engagements, Gemini and GTIG’s proactive research. The highlights aim at the threat environment where AI serves dual purpose. On one hand to disrupt advance cyber threats from hackers and other AI tools acting as high value agents for cyber attacks.
Here are key highlights of the threat research:
Vulnerability Discovery and Exploit Generation: For the first time, GTIG has identified a threat actor using a zero-day exploit that we believe was developed with AI. The criminal threat actor planned to use it in a mass exploitation event but our proactive counter discovery may have prevented its use.
AI-Augmented Development for Defense Evasion: AI-driven coding has accelerated the development of infrastructure suites and polymorphic malware by adversaries. These AI-enabled development cycles facilitate defense evasion by enabling the creation of obfuscation networks and the integration of AI-generated decoy logic in malware that google have linked to suspected Russia-nexus threat actors.
Autonomous Malware Operations: AI-enabled malware, such as PROMPTSPY, signal a shift toward autonomous attack orchestration, where models interpret system states to dynamically generate commands and manipulate victim environments. Analysis of this malware revealed previously unreported capabilities and use cases for its integration with AI.
AI-Augmented Research and IO: Adversaries continue to leverage AI as a high speed research assistant for attack lifecycle support, while shifting toward agentic workflows to operationalize autonomous attack frameworks.
Obfuscated LLM Access: Threat actors now pursue anonymized, premium tier access to models through professionalized middleware and automated registration pipelines to illicitly bypass usage limits. This infrastructure enables large scale misuse of services while subsidizing operations through trial abuse and programmatic account cycling.
Supply Chain Attacks: Adversaries like “TeamPCP” (aka UNC6780) have begun targeting AI environments and software dependencies as an initial access vector. These supply chain attacks result in multiple types of machine learning (ML)-focused risks outlined in the Secure AI Framework (SAIF) taxonomy, namely Insecure Integrated Component (IIC) and Rogue Actions (RA).
Hackers leveraging AI for vulnerability development and Zeroday exploitation
Cybercriminal groups are increasingly leveraging AI to support vulnerability discovery and exploit development.
Google Researchers observed threat actors planning large-scale exploitation campaigns using AI-assisted techniques.
A zero-day vulnerability was identified in a Python script capable of bypassing Two-Factor Authentication (2FA) in a popular open-source web administration tool. The exploit required valid user credentials but bypassed 2FA due to a hardcoded trust assumption within the application logic. Analysis suggests the vulnerability discovery and exploit development were likely assisted by an AI model due to:
Structured and highly “textbook” Python coding style
Excessive educational docstrings
Hallucinated CVSS scoring
LLM-like formatting patterns and helper classes
Unlike traditional vulnerabilities such as memory corruption or input validation flaws, this issue was a high-level semantic logic flaw difficult for conventional scanners to detect. Frontier AI models are becoming increasingly capable of:
Understanding developer intent
Identifying hardcoded security assumptions
Detecting hidden logic inconsistencies
Surfacing vulnerabilities missed by static analysis and fuzzing tools
The incident highlights the growing risk of AI-assisted zero-day discovery and exploitation by threat actors and as AI use datasets containing historical vulnerabilities to help models better reason about security flaws.
“For the first time, GTIG has identified a threat actor using a zero-day exploit that we believe was developed with AI,” GTIG researchers say.
What can be the consequences specifically at a time when new AI models unlike Anthropic’s Mythos, which were announced last month and appear to be good at finding such holes that Anthropic shared.
Rob Joyce, the former cybersecurity director of the National Security Agency, said that it can be difficult to know whether a human or machine wrote computer code, adding that, “A.I.-authored code does not announce itself.”
The Zeroday Defect
The report’s main findings involves a zero-day exploit that GTIG assessed was likely developed with AI assistance.
The vulnerability affected a popular open-source, web-based system administration tool and allowed two-factor authentication to be bypassed, although valid user credentials were still required.
The zero-day flaw was detected by the Google Threat Intelligence Group within the past few months and was exploited by “prominent cybercrime threat actors” in a script of the Python programming language.
Allow hackers to bypass two-factor authentication on “a popular open-source, web-based system administration tool,” though the hackers also would have needed access to valid credentials like user names and passwords to be successful, the company said.
Malware Evasion Techniques via AI
Hackers are also leveraging malware evasion techniques and sandbox evasions and other tricks to stay out of sight. As defenders increasingly rely on AI to accelerate and improve threat detection, a subtle but alarming new contest has emerged between attackers and defenders.
GTIG identified several malware families or tools with LLM-enabled obfuscation features, including PROMPTFLUX, HONESTCUE, CANFAIL, and LONGSTREAM.
Here is an example:
In June 2025, a malware sample was anonymously uploaded to VirusTotal from the Netherlands. At first glance, it looked incomplete. Some parts of the code weren’t fully functional, and it printed system information that would usually be exfiltrated to an external server.
The sample contained several sandbox evasion techniques and included an embedded TOR client, but otherwise resembled a test run, a specialized component or an early-stage experiment. What stood out, however, was a string embedded in the code that appeared to be written for an AI, not a human. It was crafted with the intention of influencing automated, AI-driven analysis, not to deceive a human looking at the code.
The malware includes a hardcoded C++ string, visible in the code snippet below:
In-memory prompt injection.
Hackers can leverage these emerging AI Evasion techniques to bypass AI-powered security systems by manipulating how Large Language Models (LLMs) interpret, analyze, and classify malicious content or activity.
How Attackers May Use AI Evasion Techniques
Prompt Injection Attacks Attackers craft malicious inputs that manipulate AI models into ignoring security rules, revealing sensitive information, or executing unintended actions.
Bypassing AI-Based Detection Threat actors can design malware, phishing emails, or malicious scripts in ways that appear legitimate to AI-powered detection systems.
Manipulating Context & Intent AI systems rely heavily on context and language interpretation. Attackers may exploit ambiguous wording, hidden instructions, or layered prompts to confuse AI defenses.
Generating Adaptive Malware AI-generated malware can dynamically modify behavior, code structure, or communication patterns to evade traditional and AI-driven security tools.
Automating Social Engineering AI can help create highly convincing phishing messages, fake identities, and impersonation attempts that are harder for AI-based defenses to detect.
Conclusion: AI is significantly strengthening cybersecurity defenses.
Security teams are leveraging AI for real-time threat detection, behavioral analytics, automated incident response, vulnerability management, and proactive risk assessment. While attackers currently benefit from AI-driven automation and exploitation capabilities, defenders are expected to gain a stronger long-term advantage as AI evolves into a core component of secure software development, proactive cyber defense, and intelligent security operations.
