New Delhi: Indian cybersecurity watchdog CERT-In has sounded a high alert for millions of Google Chrome users, flagging multiple critical vulnerabilities in the popular desktop browser and developer platform GitLab that could expose personal data to hackers.
According to the advisory released recently, Chrome’s JavaScript engine – powered by the V8 component – suffers from severe flaws, including ‘Use After Free’ errors in PageInfo, Ozone, and Storage features. Other issues include policy bypass vulnerabilities in extensions, as well as out-of-bounds read problems in both V8 and WebXR. Cyber criminals could exploit these remotely by luring users to malicious websites, enabling data theft, arbitrary code execution, or full system compromise.
GitLab’s Community and Enterprise editions aren’t spared either, with access control lapses allowing attackers to bypass security layers, crash systems, or trigger denial-of-service attacks, disrupting software testing and verification tools.
Is there a bright side? Google and GitLab have rolled out patches. CERT-In urges immediate updates and vigilance against suspicious links to thwart potential breaches.
As cyber threats escalate, this warning demonstrates the importance of proactive digital hygiene in an increasingly connected India.