Qualcomm Bootloader Vulnerability Threatens Android Devices — Google News Security (CN)

Qualcomm has confirmed a critical bootloader vulnerability affecting Android devices, including Xiaomi's Snapdragon 8Elite Gen5 models. The flaw allows unauthorized bootloader unlocking, bypassing security checks. This vulnerability, identified as CVE-2026-21666, poses significant risks of unauthorized access and potential malware installation. Security teams should prioritize patching and ensure bootloader integrity checks are enforced.

Google Chrome Patches Multiple Zero-Day Vulnerabilities — Google News Security (JP)

Google has released urgent updates for Chrome, addressing two high-severity zero-day vulnerabilities (CVE-2026-3909, CVE-2026-3910) actively exploited in the wild. These vulnerabilities allow remote code execution, impacting all platforms. Users are advised to update to v146.0.7680.80 immediately. The vulnerabilities highlight the critical need for timely patch management to prevent potential exploitation.

ShinyHunters Behind Massive Data Breaches at Telus and CarGurus — Google News Security

Cybercriminal group ShinyHunters has been linked to recent data breaches at Telus and CarGurus, compromising millions of records. The breaches exposed sensitive customer information, highlighting the group's ongoing threat to corporate data security. Organizations should enhance monitoring and threat intelligence capabilities to detect and mitigate such sophisticated attacks.

• Veeam Backup & Replicationに複数の脆弱性 12系と13系で緊急修正(CVE-2026-21666,CVE-2026-21667,CVE-2026-21668)|セキュリティとITのニュース-セキュリティ対策Lab - 合同会社ロケットボーイズ [Google News Security (JP)]
• 「Microsoft Edge 146」が公開、「Chromium」のゼロデイ脆弱性にも一部対処 - 窓の杜 [Google News Security (JP)]
• Google、Chrome 緊急 アップデート公開 2件の高深刻度 脆弱性を修正、いずれも既に悪用を確認(CVE-2026-3909,CVE-2026-3910)|セキュリティニュースのセキュリティ対策Lab - 合同会社ロケットボーイズ [Google News Security (JP)]
• Loblaw Data Breach Impacts Customer Information - SecurityWeek [Google News Security]