A second Chromium zero-day remote code execution exploit has been released on Twitter this week that affects current versions of Google Chrome, Microsoft Edge, and likely other Chromium-based browsers. The vulnerability is not capable of escaping Chromium’s sandbox security feature that prevents exploits from executing code or accessing files on host computers. The exploit could launch Notepad on Google Chrome 89.0.4389.128 and Microsoft Edge 89.774.76, which are the latest versions of both browsers. Google was scheduled to release Chrome 90 for Desktop yesterday, but instead released the new version of Chrome to fix the vulnerability.
Source: https://www.bleepingcomputer.com/news/security/second-google-chrome-zero-day-exploit-dropped-on-twitter-this-week/