V8
2 posts
Article
Chrome Zero-Day Exploited in 2026
CVE-2026-2783, a zero-day in Chrome's V8 engine, was exploited in targeted attacks against sensitive data handlers. No file writes occurred; execution stayed within the browser process. Detection failures stemmed from normal-looking network behavior and lack of alerts across EDR and SIEM systems.
Article
CVE-2025-1234: Type Confusion in V8 JavaScript Engine Exploited in the Wild
CVE-2025-1234: Type confusion in V8 exploited in the wild, enabling arbitrary code execution via JIT deoptimization. MITRE T1059.004, EDR blind spots, and post-patch exposure.