A security researcher has released a working proof-of-concept exploit for a remote code execution vulnerability for the V8 JavaScript engine in Chromium-based browsers. The vulnerability is believed to be the same one used by Dataflow Security’s Bruno Keith and Niklas Baumstark at Pwn2Own 2021, where the researchers exploited Google Chrome and Microsoft Edge. Google is expected to release Chrome 90 to the Stable channel tomorrow, and we will have to see if the upcoming version includes a fix for this vulnerability.
Source: https://www.bleepingcomputer.com/news/security/google-chrome-microsoft-edge-zero-day-vulnerability-shared-on-twitter/