It’s a New Year, but Old Vulnerabilities Are Still Coming For Us
By: Jim Stickley and Tina Davis
January 31, 2026
It may be January, but that doesn’t mean cybercriminals are taking a break. In fact, they're starting strong with CVE-2026-0628. This is a newly disclosed, critical-severity vulnerability that security researchers say could allow attackers to completely take over systems with little effort. And you are probably asking if you might be at risk. Well, if you are one of the 3 billion plus users of Google’s Chrome browser, you just might be.
Long gone are the days when Chrome was considered one of the more secure browsers to use. Recently, there has been a plethora of vulnerabilities affecting it. In 2025, there were at least five reported zero-day vulnerabilities (that means there is a known issue that has not been fixed and therefore can be exploited). This recent issue, CVE-2026-0628, is especially serious because it can be exploited without authentication, meaning attackers don’t need valid credentials to abuse it. Once exploited, the vulnerability may allow remote attackers to execute arbitrary code, potentially giving them full control over the affected device.
If compromised, attackers could manipulate automated jobs, steal data, or use the system as a launching point for further attacks inside a network.
Any organization or individual running a vulnerable version of Chrome is potentially exposed. Small businesses, developers, and enterprises alike could be affected if systems haven’t been updated. And individual users can also be affected if their browsers are not updated.
If you love using Chrome, or use it at all, immediately check which version of Chrome you’re running and apply the latest security updates. That would be version 143.0.7499.192/.193 for Windows and Mac users, and 143.0.7499.192 for Linux users.
Remember that in order for the update to take effect, you need to close and restart the browser.
SUBSCRIBE TO WEEKLY NEWSLETTER
