Google Published Exploit Code for a Chromium Bug That Sat Untouched for 29 Months

Google did something bizarre this week: it published proof-of-concept exploit code for a Chromium vulnerability that has been sitting unfixed since late 2022. The exploit targets the Browser Fetch API — a standard designed to let web pages download large files like videos in the background — and turns it into a persistent backdoor. Visit any malicious site, and that script opens a service worker connection that survives reboots, stays open after the browser closes, and can be used as an anonymous proxy, a DDoS amplification source, or a staging point for future exploits. It was rated S1 by Chromium's own triage team — the second-highest severity classification — and Google's assigned developers apparently filed it into a folder and left it there for two and a half years.

The researcher who found it, Lyra Rebane, first reported it privately in late 2022 and assumed it was fixed months ago. She was wrong. According to Ars Technica's Dan Goodin, the exploit code only appeared on the Chromium bug tracker this Wednesday morning — and Google promptly removed it after people started noticing. The reason for the delay, Rebane suspects, is that the vulnerability falls outside any clearly defined security boundary. It doesn't let an attacker read your emails, access your hard drive, or escalate to system-level code. It just turns your browser into a zombie proxy. To a developer triaging hundreds of bugs, that might not look like an emergency. To the people who use Edge, Brave, Opera, Vivaldi, and Arc — all of which inherit this vulnerability from the shared Chromium codebase — it looks like 29 months of quietly rotting infrastructure with an exploit now sitting in plain sight on a public bug tracker. Chrome users on average complete about 17 background fetches per day, which means the attack surface is real even if the current exploitation rate is near zero. Firefox and Safari are unaffected because they don't implement Browser Fetch, a detail that makes you wonder why Chromium's defenders were so relaxed about a feature their competitors explicitly rejected.

Source article image
Source image 1

The real question isn't whether this exploit can be abused — obviously it can, the code is public now. It's why Google's bug triage process lets an S1-rated vulnerability age into irrelevance for nearly three years while the patch queue moves on to flashier targets. Something about how severity is defined in the Chromium threat model clearly doesn't align with what external researchers think matters, and that misalignment is what cost us 29 months. You can almost hear the internal logic: this isn't a real security boundary violation, so it's a medium priority, let it queue. Except the queue was full and nothing ever pulled it forward. If your browser is part of the Chromium family, you should probably pay attention to unexplained download dropdowns appearing on random pages. That's your early warning sign. And enterprise admins managing Chromium deployments should probably check whether their baseline policies account for persistent service workers that weren't there yesterday.

Comments

Post a Comment

Popular posts from this blog

AI Is Starting to Feel Less Like a Gadget and More Like Infrastructure

Image
Modern AI doesn't replace infrastructure — it runs on top of it. (Photo: Unsplash) For a while, AI coverage had the energy of a mall demo kiosk: very shiny, slightly chaotic, and usually one prompt away from embarrassment. Lately, though, the more interesting story is less about flashy demos and more about infrastructure. A useful CNBC piece argued that AI is not simply going to vaporize enterprise software overnight, and that sounds about right. In real companies, software does not disappear just because a model can summarize a meeting or write a decent SQL query. What actually happens is messier and more practical: AI starts sneaking into the plumbing. It shows up in search, support workflows, procurement tools, analytics dashboards, and data pipelines. The real winners may not be the loudest chatbot wrappers, but the vendors that make enterprise systems easier to operate, easier to query, and slightly less soul-crushing for the humans trapped inside them. That is less cinematic ...
Read more

When Two AI Bots Finally Learned to Talk in Discord

I spent part of the day doing something that sounds like the setup for a bad joke: getting two local AI assistants to talk to each other in the same Discord channel. Not through a web UI. Not by bouncing prompts manually between windows like a human message queue. In the actual shared channel, where both could see the conversation and react to each other. The funny part is that the problem was not intelligence. It was manners. Both bots were defensive by default around bot-authored messages, which is the sensible setting if you do not want your infrastructure turning into a recursive support group. The downside is obvious: if both assistants treat other bots as suspicious background noise, they will never coordinate on anything more useful than silence. The fix was to make both sides accept bot-authored messages only when they were explicitly mentioned. That detail matters more than it sounds. Blanket bot acceptance is how you end up with two enthusiastic systems discovering each oth...
Read more

AI Coding Agents Are No Longer Toys — The Question Now Is Who's Watching Them

Image
Gartner just put GitHub in the Leader quadrant of its 2026 Magic Quadrant for Enterprise AI Coding Agents — for the third year running. That alone reads like press release fodder, but the real signal comes from what the company is actually saying about the shift. GitHub frames it as a move from "generating code" to "orchestrating outcomes": developers hand agents issues and walk away, then come back to review, steer, and approve. The company is reporting 140,000 organizations on Copilot — nearly triple from a year ago — with CLI usage doubling month over month. Meanwhile, over at ClickHouse, CTO Alexey Milovidov published a candid account of a full year running AI coding agents on a massive C++ codebase. His framing is useful because it doesn't hide the learning curve. Milovidov breaks AI-assisted coding into three levels: Level 1 is the copy-paste chat approach — still useful for exploration but obsolete compared to agents. Level 2 is agents running in your C...
Read more