Adobe has released security patches for seven maximum-severity vulnerabilities in the ColdFusion web app development platform and the Campaign Classic marketing automation platform. [...]
Large language models keep inventing web addresses that do not exist. Attackers have started buying those made-up domains before anyone else can, then hosting phishing pages on them to catch traffic that AI tools point their way.
Palo Alto Networks' Unit 42 calls the trick phantom squatting, and its new research shows it is already happening in the wild.
The reason it matters is
A vulnerability has been found in Google Chrome and classified as critical. The affected element is an unknown function of the component PDFium. Performing a manipulation results in use after free.
This vulnerability is known as CVE-2026-14108. Remote exploitation of the attack is possible. No exploit is available.
The affected component should be upgraded.
A vulnerability, which was classified as critical, was found in Google Chrome on ChromeOS. Impacted is an unknown function of the component SSL. Such manipulation leads to use after free.
This vulnerability is traded as CVE-2026-14103. The attack may be launched remotely. There is no exploit available.
You should upgrade the affected component.
A vulnerability, which was classified as critical, has been found in Google Chrome. This issue affects some unknown processing of the component WebAppInstalls. This manipulation causes sandbox issue.
This vulnerability appears as CVE-2026-14104. The attack may be initiated remotely. There is no available exploit.
It is advisable to upgrade the affected component.
A vulnerability classified as problematic was found in Google Chrome. This vulnerability affects unknown code of the component NetworkCache. The manipulation results in permissive cross-domain policy with untrusted domains.
This vulnerability is reported as CVE-2026-14100. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is advised.
A vulnerability classified as critical has been found in Google Chrome. This affects an unknown part of the component Scheduling. The manipulation leads to use after free.
This vulnerability is documented as CVE-2026-14107. The attack can be initiated remotely. There is not any exploit available.
It is recommended to upgrade the affected component.
A vulnerability described as critical has been identified in Google Chrome. Affected by this issue is some unknown functionality of the component Passwords. Executing a manipulation can lead to use after free.
This vulnerability is registered as CVE-2026-14102. It is possible to launch the attack remotely. No exploit is available.
Upgrading the affected component is recommended.
A vulnerability marked as critical has been reported in Google Chrome on macOS. Affected by this vulnerability is an unknown functionality of the component WebAppInstalls. Performing a manipulation results in sandbox issue.
This vulnerability is cataloged as CVE-2026-14097. It is possible to initiate the attack remotely. There is no exploit available.
It is suggested to upgrade the affected component.
A vulnerability labeled as problematic has been found in Google Chrome. Affected is an unknown function of the component CSS. Such manipulation leads to permissive cross-domain policy with untrusted domains.
This vulnerability is listed as CVE-2026-14098. The attack may be performed from remote. There is no available exploit.
The affected component should be upgraded.