The US Cybersecurity and Infrastructure Security Agency (CISA) has added two flaws to its known exploited vulnerabilities (KEV) catalog: a Chrome bug patched last week and a macOS bug exploited by the DazzleSpy malware.The Chrome vulnerability, tracked as CVE-2023-2033, was patched by Google on Friday with a Chrome 112 update.