Google's Threat Analysis Group has identified four separate campaigns targeting the Zimbra Collaboration vulnerability (CVE-2023-37580) in recent months.
The flaw is the second Chrome zero day fixed by Google this month.
Researchers recently examined more than 400 malware families and found that 25 percent of them abused legitimate internet services as part of their attack infrastructure.
Beginning with Chrome 117, Google will ship stable channel updates on a weekly basis.
The number of zero days detected in the wild in 2022 dropped 40 percent from the previous year, but researchers say that doesn't mean we're getting better at security.