⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

This is a high-severity security update from The Hacker News. It covers Chrome 0 and was flagged for security teams to evaluate.

Check whether your environment runs Chrome 0. If you operate any of those, treat yourself as in scope until you have evidence otherwise. A Vulnios scan will identify the exact assets carrying the affected version.

High: address inside your standard high-severity SLA (typically 7 days for internet-exposed assets, 30 days for internal). Skip ahead in the queue if the host is internet-facing.

Apply the vendor patch listed in the upstream advisory linked under Sources. If the patch is not yet available, follow the vendor-supplied workaround (often a config flag or feature disable) and add detections for the published exploit pattern in your SIEM. Re-scan after the patch lands to confirm the finding clears.

Vulnios continuously cross-references your asset inventory against the live CVE feed (NVD, vendor advisories, CISA KEV, and curated OSINT). When a new CVE matches your environment, you get a prioritized finding with the severity, KEV status, exploit-prediction (EPSS), and a direct path to the vendor patch. You can start a free scan from the homepage.