Qualcomm Android Zero-Day and Chrome AI Extension Risks [Prime Cyber Insights]

In today's briefing, we analyze the exploitation of a high-severity zero-day in a Qualcomm Android component and a critical flaw in Chrome’s Gemini side panel. Google confirmed that CVE-2026-21385, a buffer over-read in the Qualcomm Graphics component, is currently under targeted exploitation. Simultaneously, research from Malwarebytes highlights CVE-2026-0628, which allowed low-privilege extensions to hijack Chrome's AI-integrated side panel, gaining unauthorized access to cameras, microphones, and local files. We also examine the SloppyLemming threat group's recent campaign targeting Pakistan and Bangladesh. Arctic Wolf reports the group has significantly expanded its infrastructure, utilizing over 112 Cloudflare Workers to deploy the BurrowShell backdoor and a new Rust-based keylogger. Finally, we cover a massive data breach in France, where 15.8 million administrative records were stolen from the medical software provider Cegedim Santé, including sensitive notes penned by physicians. Chad Thompson joins us to discuss the systemic risks of integrating AI agents into browser environments and the ongoing challenges of third-party software supply chains in critical infrastructure.

Today’s briefing examines critical vulnerabilities in mobile and browser ecosystems, starting with a confirmed zero-day in a Qualcomm Graphics component affecting Android devices. Google reports that CVE-2026-21385 is seeing limited, targeted exploitation in the wild, necessitating immediate patching via the March 2026 security update. We then pivot to the risks of 'agentic' AI, detailing a high-severity flaw in Chrome’s Gemini panel that allowed extensions to bypass traditional isolation boundaries. The episode also analyzes the SloppyLemming group's evolving tactics in South Asia, including their transition to Rust-based malware and extensive use of Cloudflare Workers. Finally, we address the theft of 15.8 million medical records from France’s health ministry via a third-party breach at Cegedim Santé.

Topics Covered

  • 🔒 Android and Qualcomm Zero-Day exploitation analysis.
  • 🤖 Chrome Gemini extension hijacking risks and CVE-2026-0628.
  • ⚠️ SloppyLemming's regional infrastructure expansion and Rust malware.
  • 🏥 French health ministry data breach at Cegedim Santé.
  • 🛡️ Strategic implications for enterprise resilience and risk math.

Disclaimer: Prime Cyber Insights provides practitioner-oriented analysis; listeners should consult their own security policies and vendor advisories for specific implementation guidance.

Neural Newscast is AI-assisted, human reviewed. View our AI Transparency Policy at NeuralNewscast.com.

  • (00:28) - Mobile and AI Vulnerabilities
  • (03:18) - Conclusion