Google has published exploit code for a long-known, unfixed vulnerability in the Chromium browser engine that threatens millions of users of Chrome, Microsoft Edge, and other Chromium-based browsers. The exploit abuses the Browser Fetch API to create persistent background connections, enabling attackers to monitor user activity, proxy traffic, and conduct denial-of-service attacks, effectively turning affected devices into a limited botnet; the vulnerability was privately reported to Google 42 months ago but remains unpatched.
Google Publishes Exploit Code Threatening Millions of Chromium Users

