If you're one of the 3.45 billion people worldwide who rely on Google Chrome, it's been a hectic few days. Google just pushed out an emergency security update for Chrome that should be installed on all devices immediately.
The Californian company has included a fix for a flaw, dubbed CVE-2026-2441, that hackers had discovered and were using in real-world attacks.
"Google is aware that an exploit for CVE-2026-2441 exists in the wild," the company stated in its security advisory. These types of glitches, known as "zero-day" — meaning it takes zero days before hackers can begin exploiting the vulnerability to install malware onto your device and steal your personal information, are a race against time. Chrome users need to download and install the fix before they stumble across a hacker who knows about the flaw.
In this particular threat, security experts also call it a "use-after-free" flaw, which is a memory bug that occurs when the browser tries to access data that's already been deleted. When attackers exploit this weakness, they can cause your browser to crash, mess with how pages display, or even corrupt personal data stored on the device.
An estimated 3.45 billion people use Google Chrome globally, making it a desirable target for fraudsters to target so many users at once
| GOOGLEThe emergency update is rolling out to Chrome users on Windows, macOS, and Linux, though it might take a few days or weeks to reach everyone. While this update may install automatically, you can also manually check for this update. To do so, follow these steps:
- Open Google Chrome.
- Click the three dots (⋮) in the top-right corner.
- Go to Help → About Google Chrome.
- Chrome will automatically check for updates.
- If an update is available, click Relaunch to finish updating.
If you see "Chrome is up to date," you're already on the latest version and don't need to do anything else.
Google is keeping details about the actual attacks under wraps for now, explaining that bug information stays restricted until most users have installed the fix. This is done so that more hackers aren't alerted to additional details they can use to exploit your devices.
LATEST DEVELOPMENTS
- Millions of WhatsApp users placed on red alert
- Sold-out Freely TV box returns to Amazon with a cheaper price tag
- Best VPN deals
- HBO Max confirms UK price for all-new shows, films, and TNT Sports
- Now traditional landlines will be 'switched off' for extra 1.23m in UK
- Millions of UK viewers could be 'forced into paying for broadband'
The company dealt with eight actively exploited Chrome zero-days throughout 2025, many discovered by its Threat Analysis Group while investigating spyware campaigns targeting high-risk individuals.
Due to these frequent patches consistently being released, it's always a good idea to keep tabs on updating your browser each time an update does crop up.
Fraudsters are constantly looking for ways to exploit your devices, and Chrome is often a major target due to its popularity. The browser has an estimated 3.45 billion users worldwide.
The recent patch comes just as the browser experienced 30 malicious Chrome extensions being installed by more than 300,000 users. The harmful extensions are pretending to be artificial intelligence (AI) assistants that steal your passwords, email content, and browsing information.
At the time of writing, many malicious Google Chrome extensions like the one displayed in the photo are still available on the Chrome Web Store, and can be installed
|CHROME WEB STORE
At the time of writing, some of these extensions are still available to download in the Chrome Web Store. Here is a list of all the fake extensions that have recently been discovered by researchers:
| acaeafediijmccnjlokgcdiojiljfpbe | ChatGPT Translate |
| baonbjckakcpgliaafcodddkoednpjgf | XAI |
| bilfflcophfehljhpnklmcelkoiffapb | AI For Translation |
| cicjlpmjmimeoempffghfglndokjihhn | AI Cover Letter Generator |
| ckicoadchmmndbakbokhapncehanaeni | AI Email Writer |
| ckneindgfbjnbbiggcmnjeofelhflhaj | AI Image Generator Chat GPT |
| cmpmhhjahlioglkleiofbjodhhiejhei | AI Translator |
| dbclhjpifdfkofnmjfpheiondafpkoed | Ai Wallpaper Generator |
| djhjckkfgancelbmgcamjimgphaphjdl | AI Sidebar |
| ebmmjmakencgmgoijdfnbailknaaiffh | Chat With Gemini |
| ecikmpoikkcelnakpgaeplcjoickgacj | Ai Picture Generator |
| fdlagfnfaheppaigholhoojabfaapnhb | Google Gemini |
| flnecpdpbhdblkpnegekobahlijbmfok | ChatGPT Picture Generator |
| fnjinbdmidgjkpmlihcginjipjaoapol | Email Generator AI |
| fpmkabpaklbhbhegegapfkenkmpipick | Chat GPT for Gmail |
| fppbiomdkfbhgjjdmojlogeceejinadg | Gemini AI Sidebar |
| gcfianbpjcfkafpiadmheejkokcmdkjl | Llama |
| gcdfailafdfjbailcdcbjmeginhncjkb | Grok Chatbot |
| gghdfkafnhfpaooiolhncejnlgglhkhe | AI Sidebar |
| gnaekhndaddbimfllbgmecjijbbfpabc | Ask Gemini |
| gohgeedemmaohocbaccllpkabadoogpl | DeepSeek Chat |
| hgnjolbjpjmhepcbjgeeallnamkjnfgi | AI Letter Generator |
| idhknpoceajhnjokpnbicildeoligdgh | ChatGPT Translation |
| kblengdlefjpjkekanpoidgoghdngdgl | AI GPT |
| kepibgehhljlecgaeihhnmibnmikbnga | DeepSeek Download |
| lodlcpnbppgipaimgbjgniokjcnpiiad | AI Message Generator |
| llojfncgbabajmdglnkbhmiebiinohek | ChatGPT Sidebar |
| nkgbfengofophpmonladgaldioelckbe | Chat Bot GPT |
| nlhpidbjmmffhoogcennoiopekbiglbp | AI Assistant |
| phiphcloddhmndjbdedgfbglhpkjcffh | Asking Chat Gpt |
| pgfibniplgcnccdnkhblpmmlfodijppg | ChatGBT |
| cgmmcoandmabammnhfnjcakdeejbfimn | Grok |
To avoid installing fake extensions like the ones mentioned above, it's important to be cautious and follow these steps before clicking download:
- Click on the developer name in the Google Chrome Store: Ask yourself if the publisher has a legitimate website. Companies like Grammarly or Microsoft will link back to official domains. If it does have a website, see if it has details such as a privacy policy, terms of service, etc.
- Check the number of users and reviews: See how many users have installed it and if there are several detailed reviews to match. If the app has several generic reviews and low installation numbers, this could be a fake browser.
- Review permissions before installing: Some browsers will need access to certain information to work properly, but you can ask yourself if you're giving too much permission. Look out for extensions that ask for "Read and change all your data on all websites", "Access to browsing history", and "Clipboard access".
- Check the update history: If you see that there are multiple updates being added, it's a good sign that the extension is being maintained. If there are few to no updates, it may be an abandoned extension that could pose as a security threat. In some cases, a recent update after long inactivity could be a sign of a hijacked extension.