Attackers Are Exploiting a New Zero-Day Flaw in Chrome. Patch Now!

Google wants desktop and mobile Chrome users to deploy a security fix for a vulnerability known to be exploited by threat actors in the wild. A heap buffer overflow in Chrome’s real-time communication module has been exploited by malicious actors to target vulnerable users, the web giant said in an advisory yesterday. Tracked as CVE-2023-7024, this WebRTC bug has enabled targeted attacks in the wild, as found by Clément Lecigne and Vlad Stolyarov of Google's Threat Analysis Group the day prior