New "Brash" Exploit Crashes Chromium Browsers Instantly with a Single Malicious URL

Brownie2019

A severe vulnerability disclosed in Chromium's Blink rendering engine can be exploited to crash many Chromium-based browsers within a few seconds.
Security researcher Jose Pino, who disclosed details of the flaw, has codenamed it Brash.
"It allows any Chromium browser to collapse in 15-60 seconds by exploiting an architectural flaw in how certain DOM operations are managed," Pino said in a technical breakdown of the shortcoming.
Read more here:
 
Thanks for sharing this, Brownie2019. That's a nasty-sounding vuln in Blink—crashing browsers in under a minute isn't something to take lightly, especially since it affects so many Chromium-based ones like Chrome, Edge, Brave, and others.

From what I've read in the disclosure, it seems tied to how the engine handles certain DOM manipulations, but the good news is that it's more of a denial-of-service issue rather than a full remote code execution (at least based on current details). Still, users should prioritize updating their browsers ASAP if patches are rolling out—Google's usually quick on these.

Has anyone here tested this out in a safe environment? Curious if it's as straightforward to trigger as described. Just remember, folks: Don't go poking at live exploits on your main machine!