430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Chrome 142 Released: Two high-severity V8 flaws fixed, $100K in rewards paid

Google released Chrome 142, fixing 20 flaws, including two high-severity V8 bugs, and awarded $100,000 in bug bounties. Google addressed 20 flaws in Chrome version 142, including high-severity bugs that impact the V8 engine. The IT giant awarded $100,000 in bounties for two issues in the V8 JavaScript engine. The two vulnerabilities are tracked as […]

Google Chrome Gemini Live

Google released Chrome 142, fixing 20 flaws, including two high-severity V8 bugs, and awarded $100,000 in bug bounties.

Google addressed 20 flaws in Chrome version 142, including high-severity bugs that impact the V8 engine. The IT giant awarded $100,000 in bounties for two issues in the V8 JavaScript engine.

The two vulnerabilities are tracked as CVE-2025-12428 and CVE-2025-12429.

The high-severity vulnerability CVE-2025-12428 is a type Confusion in V8. Man Yue Mo of GitHub Security Lab reported the flaw on 2025-09-26. The vulnerability was awarded $50000.

The high-severity vulnerability CVE-2025-12429 is a type Confusion in V8. Aorui Zhang reported the flaw. The vulnerability was awarded $50000.

Google also awarded $10,000 for a Media object lifecycle vulnerability, tracked as CVE-2025-12430, which was reported by round.about.

Three high-severity V8 flaws found by Google’s Big Sleep AI agent received no bug bounty rewards.

Google also resolved multiple medium-severity flaws in Omnibox, Storage, Extensions, Ozone, PageInfo, App-Bound Encryption, and V8, and low-severity flaws in Autofill, WebXR, Fullscreen UI, Extensions, and SplitView.

It is unclear whether any of these vulnerabilities are being actively exploited in the wild.

Chrome 142.0.7444.59/60 is rolling out for Linux, Windows, and macOS, with slight version differences across platforms.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Google)