State-run Indian Computer Emergency Response Team (CERT-In) has flagged several vulnerabilities in Google Chrome browsers and ChromeOS for PCs.

The security loopholes in the Chrome browser and ChromeOS can allow threat actors to take over the targeted systems to steal sensitive information and execute Denial of Service (DoS) attacks to make the computer inoperable.

Google has acknowledged the security vulnerabilities in the ChromeOS and Chrome browser. It has rolled out the update to all eligible devices.

The company has refrained from revealing the specific security issues as it may give other criminals an idea of how to try similar targeted attacks on users who haven't updated their devices yet.

"Access to bug details and links may be kept restricted until a majority of users are updated with a fix," Google said.

Google has awarded close to $157,500 in cash to security researchers for detecting the security vulnerabilities in ChromeOS and Chrome browser.

[ Note: $7,500 for detectiong ChromeOS issues and $150,000 for detecting vulnerabilities in Chrome browser].

In a related development, Google has released a similar security patch for Android phones to fix zero-day bugs.

A zero-day bug is a software security vulnerability whose existence concerned experts (in this case, engineers at Google's Android) were previously unaware of, but some hackers may have used it to attack systems.

The latest March 2025 update fixes two such zero-day bugs, which were exploited by threat actors in select global regions.

It has come to light that some state-sponsored espionage team using Cellebrite’s mobile forensic tools may have exploited the CVE-2024-50302 vulnerability to hack the Android phones of student activists of Serbia.

Get the latest news on new launches, gadget reviews, apps, cybersecurity, and more on personal technology only on DH Tech.