Chrome users, heads up: CERT-In flags a big WebView security bug

Technology Jan 20, 2026

CERT-In (India's cybersecurity agency) just warned in January 2026 about a serious Chrome WebView vulnerability that lets hackers sneak past browser restrictions if you accidentally install a shady extension.
This bug could let attackers inject harmful scripts or code into important pages, putting your data at risk.
The issue affects Chrome on Linux (before version 143.0.7499.192), and on Windows and Mac (before version 143.0.7499.192/.193), plus Android apps using WebView.

Here's how to stay safe

Google has released updates in January 2026, but you need to update Chrome yourself if you haven't already.
Just tap the three dots in Chrome > Settings > About Chrome and let it update—then restart the browser.
If you're in charge of devices at work or school, make sure everyone patches up fast to keep things secure.