-
Malicious extensions in Chrome Web store steal user credentials
Two Chrome extensions in the Web Store named 'Phantom Shuttle' are posing as plugins for a proxy service to hijack user traffic and steal sensitive data.
- December 23, 2025
- 08:31 AM
0
-
Apple fixes two zero-day flaws exploited in 'sophisticated' attacks
Apple has released emergency updates to patch two zero-day vulnerabilities that were exploited in an "extremely sophisticated attack" targeting specific individuals.
- December 12, 2025
- 06:23 PM
1
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Google fixes eighth Chrome zero-day exploited in attacks in 2025
Google has released emergency updates to fix another Chrome zero-day vulnerability exploited in the wild, marking the eighth such security flaw patched since the start of the year.
- December 11, 2025
- 03:01 AM
- 0
-
Google Chrome adds new security layer for Gemini AI agentic browsing
Google Chrome is introducing a new security architecture designed to protect upcoming agentic AI browsing features powered by Gemini.
- December 08, 2025
- 01:08 PM
- 2
-
ShadyPanda browser extensions amass 4.3M installs in malicious campaign
A long-running malware operation known as "ShadyPanda" has amassed over 4.3 million installations of seemingly legitimate Chrome and Edge browser extensions that evolved into malware.
- December 01, 2025
- 10:01 AM
- 0
-
Google fixes new Chrome zero-day flaw exploited in attacks
Google has released an emergency security update to fix the seventh Chrome zero-day vulnerability exploited in attacks this year.
- November 18, 2025
- 05:13 AM
- 0
-
Google Chrome to warn users before opening insecure HTTP sites
Google announced today that the Chrome web browser will load all public websites via secure HTTPS connections by default and ask for permission before connecting to public, insecure HTTP websites, beginning with Chrome 154 in October 2026.
- October 28, 2025
- 01:00 PM
- 2
-
Italian spyware vendor linked to Chrome zero-day attacks
A zero-day vulnerability in Google Chrome exploited in Operation ForumTroll earlier this year delivered malware linked to Italian spyware vendor Memento Labs, born after IntheCyber Group acquired the infamous Hacking Team.
- October 27, 2025
- 12:37 PM
- 0
-
Vidar Stealer 2.0 adds multi-threaded data theft, better evasion
The operators of Vidar Stealer, one of the most successful malware-as-a-service (MaaS) operations of the past decade, have released a new major version to reflect massive improvements in the malware.
- October 21, 2025
- 06:26 PM
- 0
-
Cursor, Windsurf IDEs riddled with 94+ n-day Chromium vulnerabilities
The latest releases of Cursor and Windsurf integrated development environments are vulnerable to more than 94 known and patched security issues in the Chromium browser and the V8 JavaScript engine.
- October 21, 2025
- 03:00 PM
- 1
-
Google Chrome to revoke browser notifications for inactive sites
Google is updating the Chrome web browser to automatically revoke notification permissions for websites that haven't been visited recently, to reduce alert overload.
- October 10, 2025
- 01:00 PM
- 4
-
Google patches sixth Chrome zero-day exploited in attacks this year
Google has released emergency security updates to patch a Chrome zero-day vulnerability, the sixth one tagged as exploited in attacks since the start of the year.
- September 18, 2025
- 03:23 AM
- 1
-
OpenAI prepares Chromium-based AI browser to take on Google
OpenAI is testing an AI-powered browser that uses Chromium as its underlying engine, and it could debut on macOS first.
- August 16, 2025
- 05:23 PM
- 3
-
Google fixes actively exploited sandbox escape zero day in Chrome
Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser's sandbox protection.
- July 16, 2025
- 05:47 AM
- 0
-
Google reveals details on Android’s Advanced Protection for Chrome
Google is sharing more information on how Chrome operates when Android mobile users enable Advanced Protection, highlighting strong security improvements.
- July 09, 2025
- 03:31 PM
- 3
-
Malicious Chrome extensions with 1.7M installs found on Web Store
Almost a dozen malicious extensions with 1.7 million downloads in Google's Chrome Web Store could track users, steal browser activity, and redirect to potentially unsafe web addresses.
- July 08, 2025
- 10:00 AM
- 10
-
Google fixes fourth actively exploited Chrome zero-day of 2025
Google has released emergency updates to patch another Chrome zero-day vulnerability exploited in attacks, marking the fourth such flaw fixed since the start of the year.
- July 01, 2025
- 06:59 AM
- 0
-
Microsoft confirms Family Safety blocks Google Chrome from launching
Microsoft has confirmed that its Family Safety parental control service is blocking users from launching Google Chrome and other web browsers on Windows systems.
- June 26, 2025
- 05:50 AM
- 0
-
Google patches new Chrome zero-day bug exploited in attacks
Google has released an emergency security update to fix the third Chrome zero-day vulnerability exploited in attacks since the start of the year.
- June 03, 2025
- 06:22 AM
- 3
-
Google Chrome to distrust Chunghwa Telecom, Netlock certificates in August
Google says it will no longer trust root CA certificates signed by Chunghwa Telecom and Netlock in the Chrome Root Store due to a pattern of compliance failures and failure to make improvements.
- June 02, 2025
- 01:36 PM
- 0
1
