CVE-2026-7360

• Google/Chrome

  cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*

  Range: <147.0.7727.138

No patches discovered yet.

AI mechanics synthesis has not run for this CVE yet.

• chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.htmlnvdVendor Advisory
• issues.chromium.org/issues/495852034nvdPermissions Required

• Browser Run: now running on Cloudflare Containers, it’s faster and more scalable
  Cloudflare Blog · May 13, 2026
• Risky Business #837 -- GitHub Actions footgun claims TanStack
  Risky Business · May 13, 2026
• Patch Tuesday, May 2026 Edition
  Krebs on Security · May 12, 2026
• Cookie thieves caught stealing dev secrets via fake Claude Code installers
  The Register Security · May 11, 2026
• 11th May – Threat Intelligence Report
  Check Point Research · May 11, 2026
• A week in security (May 4 &#8211; May 10)
  Malwarebytes Labs · May 11, 2026
• Microsoft says Edge’s plaintext password behavior is “by design”
  Malwarebytes Labs · May 8, 2026
• Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover
  SecurityWeek · May 8, 2026
• VoidStealer Malware Darts Past Google Chrome's Encryption
  Dark Reading · May 6, 2026
• Google Chrome&#8217;s silent 4GB AI download problem [updated]
  Malwarebytes Labs · May 6, 2026
• Attackers Actively Exploiting Critical Vulnerability in Breeze Cache Plugin
  Wordfence Blog · May 5, 2026
• Cleartext Passwords in MS Edge&#x3f; In 2026&#x3f;, (Mon, May 4th)
  SANS Internet Storm Center · May 5, 2026
• Google to pay up to $1.5 million for zero-click Pixel Titan M exploits
  Help Net Security · May 5, 2026
• SSL.com rotates their root certificate today, (Tue, May 5th)
  SANS Internet Storm Center · May 5, 2026
• Google now offers up to $1.5 million for some Android exploits
  BleepingComputer · May 5, 2026
• CloudZ RAT potentially steals OTP messages using Pheno plugin
  Cisco Talos Intelligence · May 5, 2026
• Google Adjusts Bug Bounties: Chrome Payouts Drop as Android Rewards Rise Amid AI Surge
  SecurityWeek · May 1, 2026
• Today's Odd Web Requests, (Wed, Apr 29th)
  SANS Internet Storm Center · Apr 29, 2026
• HTTP Requests with X-Vercel-Set-Bypass-Cookie Header, (Tue, Apr 28th)
  SANS Internet Storm Center · Apr 28, 2026
• Metasploit Wrap-Up 04/17/2026
  Rapid7 Blog · Apr 17, 2026
• Shared Dictionaries: compression that keeps up with the agentic web
  Cloudflare Blog · Apr 17, 2026
• Attackers Actively Exploiting Critical Vulnerability in Ninja Forms – File Upload Plugin
  Wordfence Blog · Apr 16, 2026
• PowMix botnet targets Czech workforce
  Cisco Talos Intelligence · Apr 16, 2026
• Securing the Software Supply Chain: How SentinelOne’s AI EDR Autonomously Blocked the CPU-Z Watering Hole Cyber Attack
  SentinelOne Labs · Apr 14, 2026
• Patch Tuesday, April 2026 Edition
  Krebs on Security · Apr 14, 2026
• 6th April – Threat Intelligence Report
  Check Point Research · Apr 6, 2026
• The Good, the Bad and the Ugly in Cybersecurity – Week 14
  SentinelOne Labs · Apr 3, 2026
• 30th March – Threat Intelligence Report
  Check Point Research · Mar 30, 2026
• 16th March – Threat Intelligence Report
  Check Point Research · Mar 16, 2026
• Risky Business #828 -- The Coruna exploits are truly exquisite
  Risky Business · Mar 11, 2026
• Risky Business #825 -- Palo Alto Networks blames it on the boogie
  Risky Business · Feb 18, 2026