New 'Brash' Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL

These articles are AI-generated summaries. Please check the original sources for full details.

A critical vulnerability in Chromium’s Blink rendering engine, codenamed Brash, enables attackers to crash Chromium-based browsers within seconds by exploiting uncontrolled DOM operations. Disclosed by security researcher Jose Pino, the flaw leverages the absence of rate limiting on the document.title API, allowing malicious actors to overwhelm the browser’s UI thread with excessive updates.

Vulnerability Overview

  • Nature: A timing-attack vulnerability in Chromium’s DOM handling mechanism.
  • Impact: Causes immediate browser crashes and system performance degradation.
  • Scope: Affects all Chromium-based browsers (Chrome, Edge, Brave, Opera, etc.) but not Firefox or Safari.
  • Trigger: A single malicious URL click can initiate the attack.

Attack Mechanism

The exploit operates in three distinct phases:

  1. Hash Generation/Preparation Phase

    • Process: Attacker preloads 100 unique 512-character hexadecimal strings into memory to serve as seeds for title updates.
    • Purpose: Maximizes the randomness and volume of title changes to overwhelm the browser.
  2. Burst Injection Phase

    • Action: Injects bursts of three consecutive document.title updates at 1ms intervals.
    • Rate: Default configuration achieves ~24 million updates per second.
    • Effect: Floods the browser’s main thread with DOM mutations.
  3. UI Thread Saturation Phase

    • Outcome: Continuous updates saturate the browser’s UI thread, causing unresponsiveness.
    • Result: Requires manual termination of the browser process.

Temporal Precision Capability

  • Feature: The exploit can be programmed to activate at a specific time (e.g., a “logic bomb” detonating after a delay).
  • Implication: Evades initial detection by remaining dormant until triggered, enabling targeted attacks.

Affected Systems

  • Browsers: Google Chrome, Microsoft Edge, Brave, Opera, Vivaldi, Arc Browser, Dia Browser, OpenAI ChatGPT Atlas, Perplexity Comet.
  • Exemptions: Mozilla Firefox, Apple Safari, and iOS-based browsers (WebKit engine).

Mitigation and Response

  • Status: Google has not yet responded to the disclosure (as of October 30, 2025).
  • Recommendations: Users should avoid clicking untrusted URLs and await official patches.
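
The summary attributes the flaw to the absence of rate limiting on document.title. The block below is an added example, not code from the original report or from Chromium, showing what such a limit looks like when applied from script: writes beyond a per-window budget are coalesced into one deferred update and counted, so the counter can also serve as a detection signal. The function name `throttleSetter`, its options and the default budget are assumptions made for illustration, and whether wrapping the setter this way prevents the crash in a given browser build is not established by the page.

```javascript
// Added example: cap how often an accessor property (e.g. document.title) is written.
// throttleSetter and its option names are hypothetical, chosen for this illustration.
function throttleSetter(proto, prop, {
  limit = 5, windowMs = 1000, now = Date.now, schedule = setTimeout } = {}) {
  const desc = Object.getOwnPropertyDescriptor(proto, prop);
  if (!desc || typeof desc.set !== 'function') {
    throw new TypeError(`${prop} is not an accessor property with a setter`);
  }
  const stats = { applied: 0, coalesced: 0 }; // coalesced > 0 indicates a write flood
  const state = new WeakMap();                // per-object window bookkeeping

  Object.defineProperty(proto, prop, {
    configurable: true,
    enumerable: desc.enumerable,
    get: desc.get,
    set(value) {
      let s = state.get(this);
      if (!s) { s = { start: now(), count: 0, pending: null }; state.set(this, s); }
      const t = now();
      if (t - s.start >= windowMs) { s.start = t; s.count = 0; } // new window
      if (s.count < limit) {                  // within budget: pass the write through
        s.count += 1; stats.applied += 1;
        desc.set.call(this, value);
        return;
      }
      // Over budget: remember only the newest value, write it once when the window reopens.
      stats.coalesced += 1;
      const firstOverflow = s.pending === null;
      s.pending = { value };
      if (firstOverflow) {
        schedule(() => {
          const p = s.pending; s.pending = null;
          s.start = now(); s.count = 1; stats.applied += 1;
          desc.set.call(this, p.value);
        }, s.start + windowMs - t);
      }
    },
  });
  return stats;
}

// In a browser page context this wraps the real title setter; skipped elsewhere.
if (typeof Document !== 'undefined') {
  throttleSetter(Document.prototype, 'title');
}
```
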

For further details, refer to the original report:
https://thehackernews.com/2025/10/new-brash-exploit-crashes-chromium.html
