Google Chrome CVE (mentioned in recency-dropped items, 2026-05-12)
cve · CVE-2026-8580
Coverage timeline
1
first 2026-05-15 → last 2026-05-15
Briefs
1
1 distinct
Sources cited
151
61 hosts
Sections touched
0
—
Co-occurring entities
0
no co-occurrence
Story timeline
- 2026-05-15CTI Daily Brief — 2026-05-15
Source distribution
- attack.mitre.org23 (15%)
- cloud.google.com16 (11%)
- thehackernews.com12 (8%)
- securityweek.com10 (7%)
- bleepingcomputer.com8 (5%)
- helpnetsecurity.com5 (3%)
- unit42.paloaltonetworks.com5 (3%)
- aikido.dev3 (2%)
- other69 (46%)
External references
All cited sources (151)
- bleepingcomputer.comprimaryinlineBleepingComputer, 2026-05-17https://www.bleepingcomputer.com/news/microsoft/new-windows-miniplasma-zero-day-exploit-gives-system-access-poc-released/
- bleepingcomputer.comprimaryinlineBleepingComputer, 2026-05-29https://www.bleepingcomputer.com/news/security/chatgpt-share-links-abused-to-host-fake-outage-pages-to-deliver-malware/
- bleepingcomputer.comprimaryinlineBleepingComputer, 2026-06-04https://www.bleepingcomputer.com/news/security/credit-card-theft-campaign-abuses-stripe-to-host-stolen-payment-info/
- bleepingcomputer.comprimaryinlineBleepingComputer, 2026-06-14https://www.bleepingcomputer.com/news/security/fbi-disrupts-massive-ai-powered-phishing-service-using-a-million-urls/
- bleepingcomputer.comprimaryinlineBleepingComputer, 2026-05-15https://www.bleepingcomputer.com/news/security/funnel-builder-wordpress-plugin-bug-exploited-to-steal-credit-cards/
- bleepingcomputer.comprimaryinlineBleepingComputer, 2026-06-02https://www.bleepingcomputer.com/news/security/google-fixes-one-actively-exploited-android-zero-day-124-flaws/
- bleepingcomputer.comprimaryinlineBleepingComputer, 2026-06-16https://www.bleepingcomputer.com/news/security/new-rokarolla-android-malware-targets-217-banking-crypto-apps/
- bleepingcomputer.comprimaryinlineBleepingComputer, 2026-06-11https://www.bleepingcomputer.com/news/security/nottingham-university-data-breach-affects-over-450-000-students/
- 9to5mac.cominline9to5Mac, 2026-05-12https://9to5mac.com/2026/05/12/apple-supplier-foxconn-confirms-ransomware-attack-affected-north-american-factories/
- aikido.devinlineAikido, 2026-05-21https://www.aikido.dev/blog/google-api-keys-deletion
- aikido.devinlineAikidohttps://www.aikido.dev/blog/multiple-jetbrains-ide-plugins-caught-stealing-ai-keys
- aikido.devinlineAikido, 2026-05-23https://www.aikido.dev/blog/supply-chain-attack-targets-laravel-lang-packages-with-credential-stealer
- attack.mitre.orginlineT1021.004https://attack.mitre.org/techniques/T1021/004/
- attack.mitre.orginlineT1027https://attack.mitre.org/techniques/T1027/
- attack.mitre.orginlineT1041https://attack.mitre.org/techniques/T1041/
- attack.mitre.orginlineT1056.001https://attack.mitre.org/techniques/T1056/001/
- attack.mitre.orginline`T1059.001`https://attack.mitre.org/techniques/T1059/001/
- attack.mitre.orginlineT1071.001https://attack.mitre.org/techniques/T1071/001/
- attack.mitre.orginlineT1090.001https://attack.mitre.org/techniques/T1090/001/
- attack.mitre.orginlineT1095https://attack.mitre.org/techniques/T1095/
- attack.mitre.orginline`T1111`https://attack.mitre.org/techniques/T1111/
- attack.mitre.orginlineT1114.002https://attack.mitre.org/techniques/T1114/002/
- attack.mitre.orginlineT1190 Exploit Public-Facing Applicationhttps://attack.mitre.org/techniques/T1190/
- attack.mitre.orginlineT1195.002https://attack.mitre.org/techniques/T1195/002/
- attack.mitre.orginlineT1218https://attack.mitre.org/techniques/T1218/
- attack.mitre.orginlineSteal Application Access Tokenhttps://attack.mitre.org/techniques/T1528/
- attack.mitre.orginlineSteal Web Session Cookiehttps://attack.mitre.org/techniques/T1539/
- attack.mitre.orginlineWeb Session Cookiehttps://attack.mitre.org/techniques/T1550/004/
- attack.mitre.orginlineT1552.001 Unsecured Credentials: Credentials In Fileshttps://attack.mitre.org/techniques/T1552/001/
- attack.mitre.orginline`nss3.dll`https://attack.mitre.org/techniques/T1555/003/
- attack.mitre.orginlineT1556https://attack.mitre.org/techniques/T1556/
- attack.mitre.orginlineAdversary-in-the-Middlehttps://attack.mitre.org/techniques/T1557/
- attack.mitre.orginlineT1562.001https://attack.mitre.org/techniques/T1562/001/
- attack.mitre.orginline`T1566.002`https://attack.mitre.org/techniques/T1566/002/
- attack.mitre.orginlineT1566.004https://attack.mitre.org/techniques/T1566/004/
- badhost.orginlineX41 D-Sec Advisory x41-2026-002, 2026-05-22https://badhost.org/
- bankinfosecurity.cominlineBankInfoSecurity, 2026-06-20https://www.bankinfosecurity.com/shinyhunters-threatens-to-leak-amazon-one-medical-records-a-32027
- blog.googleinlineGoogle, 2026-06-12https://blog.google/innovation-and-ai/technology/safety-security/combatting-ai-scams/
- careers.ox.ac.ukinlineOxfordhttps://www.careers.ox.ac.uk/article/careerconnect-secured-and-safe-to-use-following-data-security-incident
- cert.plinlineCERT Polska, 2026-05-25https://cert.pl/en/posts/2026/05/CVE-2026-9058/
- cert.ssi.gouv.frinlineCERTFR-2026-ACT-016 agentic-AI advisoryhttps://www.cert.ssi.gouv.fr/actualite/CERTFR-2026-ACT-016/
- cert.ssi.gouv.frinlineCERT-FR CERTFR-2026-AVI-0543, 2026-05-07https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0543/
- chromereleases.googleblog.cominlineGoogle Chrome Releases, 2026-06-02https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop.html
- chromereleases.googleblog.cominlineChrome releaseshttps://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0153744567.html
- cloud.google.cominlineoriginal Adversarial Misuse of Generative AI reporthttps://cloud.google.com/blog/topics/threat-intelligence/adversarial-misuse-generative-ai
- cloud.google.cominlineGTIG AI Threat Tracker May 2026https://cloud.google.com/blog/topics/threat-intelligence/ai-threat-tracker-may-2026/
- cloud.google.cominlineGoogle Cloud Threat Intelligence, 2026-05-11https://cloud.google.com/blog/topics/threat-intelligence/ai-vulnerability-exploitation-initial-access
- cloud.google.cominlineGoogle Cloud / GTIG — BlackFile vishing-extortion operationhttps://cloud.google.com/blog/topics/threat-intelligence/blackfile-vishing-extortion-operation
- cloud.google.cominlineGoogle Threat Intelligence Group, 2026-05-15https://cloud.google.com/blog/topics/threat-intelligence/blackfile-vishing-extortion-operation/
- cloud.google.cominlineGoogle Threat Intelligence Group, 2026-05-25https://cloud.google.com/blog/topics/threat-intelligence/chinese-language-phishing-services/
- cloud.google.cominlineGTIG — Europe data leak landscapehttps://cloud.google.com/blog/topics/threat-intelligence/europe-data-leak-landscape
- cloud.google.cominlineGTIGhttps://cloud.google.com/blog/topics/threat-intelligence/knowledgedeliver-viewstate-deserialization-vulnerability/
- cloud.google.cominlineGoogle Cloud / Mandiant M-Trends 2026, 2026-03-23https://cloud.google.com/blog/topics/threat-intelligence/m-trends-2026
- cloud.google.cominlineGoogle GTIG, 2026-06-15https://cloud.google.com/blog/topics/threat-intelligence/prc-targets-us-medical-research
- cloud.google.cominlineGoogle GTIGhttps://cloud.google.com/blog/topics/threat-intelligence/shinyhunters-targets-education-sector-oracle-exploit
- cloud.google.cominlineGoogle GTIGhttps://cloud.google.com/blog/topics/threat-intelligence/shinyhunters-targets-education-sector-oracle-exploit/
- cloud.google.cominlineGoogle GTIGhttps://cloud.google.com/blog/topics/threat-intelligence/stockstay-turla-intelligence-gathering
- cloud.google.cominlineMandianthttps://cloud.google.com/blog/topics/threat-intelligence/targeted-campaign-us-law-firms/
- cloud.google.cominlineMandiant, 2026-04-23https://cloud.google.com/blog/topics/threat-intelligence/unc6692-social-engineering-custom-malware
- cloud.google.cominlinepublished the first complete TTP chainhttps://cloud.google.com/blog/topics/threat-intelligence/zero-day-exploitation-cisco-catalyst-sd-wan-manager
- content.naic.orginlineconfirmed on 2026-06-26https://content.naic.org/about/security-update
- crowdstrike.cominlineCrowdStrike, 2026-05-27https://www.crowdstrike.com/en-us/blog/inside-crowdstrike-takedown-of-a-developer-targeting-botnet/
- cyberscoop.cominlineCyberScoophttps://cyberscoop.com/blackfile-data-theft-extortion-retail-unit-42-rh-isac/
- cyberscoop.cominlineCyberScoop, 2026-06-12https://cyberscoop.com/outsider-cybercrime-network-takedown-china-fbi-google-lumen/
- elastic.coinlineElastic Security Labs, 2026-05-26https://www.elastic.co/security-labs/tycoon-2fa-aitm-detection-engineering
- enisa.europa.euinlineENISA, 2026-05-06https://www.enisa.europa.eu/news/new-cve-numbering-authorities-under-enisa-root
- github.bloginlineGitHub Changelog, 2026-06-18https://github.blog/changelog/2026-06-18-safer-pull_request_target-defaults-for-github-actions-checkout/
- github.cominlineGitHub Advisory GHSA-86qp-5c8j-p5mrhttps://github.com/Kludex/starlette/security/advisories/GHSA-86qp-5c8j-p5mr
- github.cominlineGitHub Advisory GHSA-jxfc-8wcq-xxcghttps://github.com/advisories/GHSA-jxfc-8wcq-xxcg
- github.cominlineMandiant Vulnerability Disclosures MNDT-2026-0009https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2026/MNDT-2026-0009.md
- heise.deinlineheise Security (DE) — "DNS-Probleme: .de-Domains nicht erreichbar" ("DNS issues: .de domains unreachable"), 2026-05-05https://www.heise.de/security/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-11https://www.helpnetsecurity.com/2026/05/11/google-ai-vulnerability-exploitation/
- helpnetsecurity.cominlineHelp Net Security, 2026-05-22https://www.helpnetsecurity.com/2026/05/22/deleted-google-api-keys-risk/
- helpnetsecurity.cominlineHelp Net Security — FBI Silent Ransom Group alert, 2026-05-27https://www.helpnetsecurity.com/2026/05/27/fbi-silent-ransom-group-law-firms-social-engineering/
- helpnetsecurity.cominlineHelp Net Securityhttps://www.helpnetsecurity.com/2026/06/02/android-vulnerability-exploited-cve-2025-48595/
- helpnetsecurity.cominlineHelp Net Security, 2026-06-15https://www.helpnetsecurity.com/2026/06/15/chinese-hackers-redcap-medical-research-institutions-breach/
- herodevs.cominlineHeroDevs analysis, 2026-05-08https://www.herodevs.com/blog-posts/cve-2026-40982-critical-spring-cloud-config-server-directory-traversal-cvss-9-8
- horizon3.aiinlineHorizon3.aihttps://horizon3.ai/attack-research/disclosures/cve-2026-48558-simplehelp-authentication-bypass-iocs/
- huntress.cominlineHuntress, 2026-06-03https://www.huntress.com/blog/malspam-to-deskcvb-rat-delivery-chain-analysis
- ic3.govinlinephishing Signal Backup Recovery Keyshttps://www.ic3.gov/PSA/2026/PSA260626
- insurancejournal.cominlineInsurance Journalhttps://www.insurancejournal.com/news/national/2026/06/25/875334.htm
- ip.networkinlineIP.network Blog, 2026-05-05https://www.ip.network/blog/de-domain-dnssec-outage-may-2026
- isc.sans.eduinlineSANS Internet Storm Center, 2026-05-26https://isc.sans.edu/diary/33018
- island.ioinlineIsland, 2026-06-25https://www.island.io/blog/badblocker-11-million-users-one-server-call-away-from-compromise
- labs.withsecure.cominlineWithSecure Labs, 2026-05-29https://labs.withsecure.com/publications/greyvibe
- legalcheek.cominlineLegal Cheek, 2026-06-03https://www.legalcheek.com/2026/06/weil-reportedly-pays-up-to-20-million-after-hackers-steal-client-data/
- malwarebytes.cominlineMalwarebytes, 2026-03https://www.malwarebytes.com/blog/news/2026/03/fake-claude-code-install-pages-hit-windows-and-mac-users-with-infostealers
- microsoft.cominlineMicrosoft Threat Intelligence, 2026-05-14https://www.microsoft.com/en-us/security/blog/2026/05/14/kazuar-anatomy-of-a-nation-state-botnet/
- microsoft.cominlineMicrosoft Security, 2026-06-18https://www.microsoft.com/en-us/security/blog/2026/06/18/autojack-single-page-rce-host-running-ai-agent/
- microsoft.cominlineMicrosoft Threat Intelligence, 2026-06-25https://www.microsoft.com/en-us/security/blog/2026/06/25/photo-zip-campaign-targeting-hospitality-industry-delivers-node-js-implant-persistent-access/
- ncsc.admin.chinlineNCSC-CH, 2026-06-09https://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2026/wochenrueckblick_23.html
- nottingham.ac.ukinlineUniversity of Nottinghamhttps://www.nottingham.ac.uk/currentstudents/news/student-and-alumni-data-has-been-compromised-in-a-data-security-incident
- novee.securityinlineNovee Security, 2026-06-23https://novee.security/blog/cordyceps/
- obsidiansecurity.cominlineObsidian, 2026-06-16https://www.obsidiansecurity.com/blog/litellm-privilege-escalation-rce
- oracle.cominlineOracle security alerthttps://www.oracle.com/security-alerts/alert-cve-2026-35273.html
- pushsecurity.cominlinePush Security, 2026-05https://pushsecurity.com/blog/installfix
- pushsecurity.cominlinePush Security, 2026-05-29https://pushsecurity.com/blog/llmshare-malvertising-campaign
- rapid7.cominlineRapid7, 2026-06-09https://www.rapid7.com/blog/post/em-patch-tuesday-june-2026
- rapid7.cominlineRapid7https://www.rapid7.com/blog/post/etr-active-exploitation-of-oracle-peoplesoft-zero-day-cve-2026-35273/
- sansec.ioinlineSansec, 2026-05-14https://sansec.io/research/funnelkit-woocommerce-vulnerability-exploited
- sansec.ioinlineSansec, 2026-06-04https://sansec.io/research/stripe-api-skimmer-infrastructure
- sec.cloudapps.cisco.cominlineCisco PSIRThttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx
- security-hub.ncsc.admin.chinlineposted on ithttps://security-hub.ncsc.admin.ch/#/posts/12579
- securityaffairs.cominlineSecurity Affairs, 2026-05-12https://securityaffairs.com/192003/malware/android-banking-trojan-trickmo-evolves-using-ton-network-for-c2.html
- securityaffairs.cominlineSecurity Affairs, 2026-06-05https://securityaffairs.com/193215/cyber-crime/silent-ransom-group-srg-switching-to-dns-fast-flux-infrastructure.html
- securityweek.cominlineSecurityWeek, 2026-06-15https://www.securityweek.com/chinese-hackers-target-medical-military-and-ai-research-in-north-america/
- securityweek.cominlineSecurityWeekhttps://www.securityweek.com/chrome-149-patches-429-vulnerabilities/
- securityweek.cominlineSecurityWeek, 2026-06-24https://www.securityweek.com/exploitable-ci-cd-vulnerabilities-expose-millions-of-repositories-to-hijacking/
- securityweek.cominlineSecurityWeekhttps://www.securityweek.com/google-confirms-exploitation-of-oracle-peoplesoft-zero-day-by-shinyhunters/
- securityweek.cominlineSecurityWeek, 2026-05-11https://www.securityweek.com/google-detects-first-ai-generated-zero-day-exploit/
- securityweek.cominlineSecurityWeek, 2026-06-19https://www.securityweek.com/kodak-admits-data-breach-after-shinyhunters-hack-claims/
- securityweek.cominlineSecurityWeek, 2026-06-11https://www.securityweek.com/oracle-addresses-peoplesoft-vulnerability-amid-reports-of-zero-day-attacks/
- securityweek.cominlineSecurityWeek, 2026-05-05https://www.securityweek.com/reports-massive-dns-outages-germany/
- securityweek.cominlineSecurityWeek, 2026-05-28https://www.securityweek.com/russia-linked-greyvibe-attackers-use-ai-to-supercharge-cyberattacks/
- securityweek.cominlineSecurityWeek, 2026-06-16https://www.securityweek.com/shinyhunters-claims-council-of-europe-hack/
- sentinelone.cominlineSentinelLABShttps://www.sentinelone.com/labs/macos-gaslight-rust-backdoor-turns-prompt-injection-on-the-analyst-not-the-sandbox/
- socket.devinlineSocket, 2026-05-23https://socket.dev/blog/laravel-lang-compromise
- source.android.cominlineAndroid Security Bulletin, 2026-06-01https://source.android.com/docs/security/bulletin/2026/2026-06-01
- spring.ioinlineSpring.iohttps://spring.io/security/cve-2026-40982
- stepsecurity.ioinlineStepSecurity, 2026-05-22https://www.stepsecurity.io/blog/laravel-lang-supply-chain-attack
- techcrunch.cominlineTechCrunch, 2026-05-27https://techcrunch.com/2026/05/27/crowdstrike-and-google-take-down-botnet-used-by-hackers-to-target-software-developers-in-supply-chain-attacks/
- techcrunch.cominlineTechCrunch, 2026-06-26https://techcrunch.com/2026/06/26/russian-hackers-were-behind-2-5-billion-hack-of-jaguar-land-rover-report/
- techradar.cominlineTechRadarhttps://www.techradar.com/pro/security/naic-confirms-data-breach-with-shinyhunters-claiming-3-1tb-of-data-stolen-in-oracle-zero-day-attack
- thehackernews.cominlineThe Hacker News, 2026-05-16https://thehackernews.com/2026/05/funnel-builder-flaw-under-active.html
- thehackernews.cominlineThe Hacker News, 2026-05-27https://thehackernews.com/2026/05/glassworm-malware-takedown-disrupts.html
- thehackernews.cominlineThe Hacker News, 2026-05-11https://thehackernews.com/2026/05/hackers-used-ai-to-develop-first-known.html
- thehackernews.cominlineThe Hacker News, 2026-05-18https://thehackernews.com/2026/05/miniplasma-windows-0-day-enables-system.html
- thehackernews.cominlineThe Hacker News, 2026-05-12https://thehackernews.com/2026/05/new-trickmo-variant-uses-ton-c2-and.html
- thehackernews.cominlineThe Hacker News, 2026-05-15https://thehackernews.com/2026/05/turla-turns-kazuar-backdoor-into.html
- thehackernews.cominlineThe Hacker News, 2026-06-25https://thehackernews.com/2026/06/chrome-ad-blocker-with-10m-installs.html
- thehackernews.cominlineThe Hacker News, 2026-06-04https://thehackernews.com/2026/06/fluttershell-backdoor-spreads-to-macos.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/06/google-details-turlas-new-stockstay.html
- thehackernews.cominlineThe Hacker News, 2026-06-12https://thehackernews.com/2026/06/google-sues-chinese-smishing-network.html
- thehackernews.cominlineThe Hacker News, 2026-06-16https://thehackernews.com/2026/06/google-vertex-ai-sdk-flaw-let-attackers.html
- thehackernews.cominlineThe Hacker Newshttps://thehackernews.com/2026/06/shinyhunters-exploits-oracle-peoplesoft.html
- thenextweb.cominlineThe Next Web, 2026-06-20https://thenextweb.com/news/gravity-smtp-wordpress-plugin-vulnerability-cve-2026-4020-api-keys-exploit
- thenextweb.cominlineThe Next Web, 2026-06-26https://thenextweb.com/news/jaguar-land-rover-hack-russian-hackers-nyt-investigation
- therecord.mediainlineThe Record, 2026-05-12https://therecord.media/foxconn-confirms-cyberattack-north-american-factories
- therecord.mediainlineThe Record, 2026-06-26https://therecord.media/russia-turla-espionage-ukraine-stockstay-malware
- therecord.mediainlineThe Record, 2026-06-11https://therecord.media/university-of-nottingham-cyber-incident-shiny-hunters
- theregister.cominlineThe Register, 2026-05-11https://www.theregister.com/ai-ml/2026/05/11/google-says-criminals-used-ai-built-zero-day-in-planned-mass-hack-spree/5237982
- theregister.cominlineThe Register, 2026-05-12https://www.theregister.com/cyber-crime/2026/05/12/foxconn-confirms-cyberattack-after-nitrogen-claims-apple-nvidia-data-theft/5239144
- threatfabric.cominlineThreatFabric, 2026-05-11https://www.threatfabric.com/blogs/new-trickmo-variant-device-take-over-malware-targeting-banking-fintech-wallet-auth-app
- trendmicro.cominlineTrend Micro Research, 2026-05-05https://www.trendmicro.com/en_us/research/26/e/installfix-and-claude-code.html
- unit42.paloaltonetworks.cominlineUnit 42 — CL-STA-1062https://unit42.paloaltonetworks.com/cl-sta-1062-tinyrct-backdoor/
- unit42.paloaltonetworks.cominlineUnit 42, 2026-06-22https://unit42.paloaltonetworks.com/cloud-bucket-hijacking-risks/
- unit42.paloaltonetworks.cominlineUnit 42, 2026-06-02https://unit42.paloaltonetworks.com/flutterbridge-new-fluttershell-backdoor/
- unit42.paloaltonetworks.cominlineUnit 42https://unit42.paloaltonetworks.com/hijacking-vertex-ai-model/
- unit42.paloaltonetworks.cominlineUnit 42, 2026-06-08https://unit42.paloaltonetworks.com/microsoft-teams-phishing/
- varonis.cominlineVaronishttps://www.varonis.com/blog/searchleak
- zimperium.cominlineZimperium zLabs, 2026-06-16https://zimperium.com/blog/rokarolla-android-banker-with-complete-device-takeover-capabilities
Items in briefs about Google Chrome CVE (mentioned in recency-dropped items, 2026-05-12)
No parsed item heading or body matches this entity yet. Items match by exact CVE id (for CVE entities), by lead-segment substring of the title in the item heading or body, or by a distinctive anchor token from the title appearing in the item heading. Coverage that lives inside a broader section (no per-item heading) is captured by the Story timeline above.