Edge

A use-after-free vulnerability in the ANGLE graphics engine within Chromium (CVE-2026-7359) allows for potential exploitation in Google Chrome and Microsoft Edge.

A heap buffer overflow vulnerability exists in the WebRTC component of Google Chrome and Microsoft Edge (Chromium-based), potentially leading to code execution.

CVE-2026-7355 is a use-after-free vulnerability in the Media component of Chromium, affecting Google Chrome and Microsoft Edge, potentially allowing for arbitrary code execution.

CVE-2026-7357 is a use-after-free vulnerability in the GPU component of Chromium that also affects Microsoft Edge, potentially leading to arbitrary code execution.

CVE-2026-7333 is a use-after-free vulnerability in the GPU component of Chromium, affecting Google Chrome and Microsoft Edge, potentially leading to arbitrary code execution.

CVE-2026-7348 is a use-after-free vulnerability in the Codecs component of Chromium, affecting Google Chrome and Microsoft Edge.

CVE-2026-7349 is a use-after-free vulnerability in the Cast component of Chromium, affecting Google Chrome and Microsoft Edge.

CVE-2026-7338 is a use-after-free vulnerability in the Cast component of Chromium, affecting Google Chrome and Microsoft Edge, potentially leading to arbitrary code execution.

CVE-2026-7353 is a heap buffer overflow vulnerability in the Skia graphics library used by Chromium, affecting both Google Chrome and Microsoft Edge.

Attackers may attempt credential theft by launching browsers (Chrome, Edge) with remote debugging, headless automation, or minimal arguments from an unusual parent process on Windows systems.

Attackers modify registry run keys or startup keys to achieve persistence by referencing a program that executes when a user logs in or the system boots.

Detects DNS queries to commonly abused remote monitoring and management (RMM) or remote access software domains from non-browser processes, potentially indicating unauthorized remote access or command and control activity.

Detection of DNS-over-HTTPS (DoH) being enabled via registry modifications on Windows systems, potentially indicating defense evasion and obfuscation of network activity by masking DNS queries.

Attackers masquerade malicious executables as legitimate business application installers to trick users into downloading and executing malware, leveraging defense evasion and initial access techniques.