Research
Google Publishes Browser Fetch Exploit Code Threatening Millions of Chromium Users
On May 20, Google published proof-of-concept exploit code for an unfixed vulnerability in Chromium's Browser Fetch API that affects Chrome, Edge, and virtually all Chromium-based browsers. The exploit allows attackers to create persistent connections for monitoring browser usage and proxying traffic — connections that survive browser restarts and even device reboots depending on the browser. For builders running headless Chromium in CI/CD or agent automation pipelines, this is an immediate attack surface to audit.
Source
↳ Follow the thread