-
Data-stealing Chrome extensions impersonate Fortinet, YouTube, VPNs
A Google Chrome Web Store campaign uses over 100 malicious browser extensions that mimic legitimate tools, such as VPNs, AI assistants, and crypto utilities, to steal browser cookies and execute remote scripts secretly.
- May 21, 2025
- 11:13 AM
0
-
CISA tags recently patched Chrome bug as actively exploited
On Thursday, CISA warned U.S. federal agencies to secure their systems against ongoing attacks exploiting a high-severity vulnerability in the Chrome web browser.
- May 16, 2025
- 04:13 AM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Google fixes high severity Chrome flaw with public exploit
Google has released emergency security updates to patch a high-severity Chrome vulnerability that has a public exploit and can let attackers hijack accounts.
- May 15, 2025
- 04:25 AM
- 0
-
Google Chrome to block admin-level browser launches for better security
Google is rolling out a change to Chromium that "de-elevates" Google Chrome so it does not run as an administrator to increase security in Windows.
- May 14, 2025
- 04:25 PM
- 1
-
Google Chrome to use on-device AI to detect tech support scams
Google is implementing a new Chrome security feature that uses the built-in 'Gemini Nano' large-language model (LLM) to detect and block tech support scams while browsing the web.
- May 09, 2025
- 01:49 PM
- 1
-
Cookie-Bite attack PoC uses Chrome extension to steal session tokens
A proof-of-concept attack called "Cookie-Bite" uses a browser extension to steal browser session cookies from Azure Entra ID to bypass multi-factor authentication (MFA) protections and maintain access to cloud services like Microsoft 365, Outlook, and Teams.
- April 22, 2025
- 11:02 AM
- 0
-
Chrome extensions with 6 million installs have hidden tracking code
A set of 57 Chrome extensions with 6,000,000 users have been discovered with very risky capabilities, such as monitoring browsing behavior, accessing cookies for domains, and potentially executing remote scripts.
- April 17, 2025
- 12:50 PM
- 2
-
Chrome 136 fixes 20-year browser history privacy risk
Google is fixing a long-standing privacy issue that, for years, enabled websites to determine users' browsing history through the previously visited links.
- April 13, 2025
- 10:18 AM
- 2
-
Google fixes Chrome zero-day exploited in espionage campaign
Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser's sandbox and deploy malware in espionage attacks targeting Russian media outlets and government organizations.
- March 26, 2025
- 02:42 AM
- 0
-
Malicious Chrome extensions can spoof password managers in new attack
A newly devised "polymorphic" attack allows malicious Chrome extensions to morph into other browser extensions, including password managers, crypto wallets, and banking apps, to steal sensitive information.
- March 06, 2025
- 09:19 AM
- 1
-
Google Chrome disables uBlock Origin for some in Manifest v3 rollout
Google continues its rollout of gradually disabling uBlock Origin and other Manifest V2-based extensions in the Chrome web browser as part of its efforts to push users to Manifest V3-based extensions.
- February 21, 2025
- 04:23 PM
- 27
-
Google Chrome's AI-powered security feature rolls out to everyone
Google Chrome has updated the existing "Enhanced protection" feature with AI to offer "real-time" protection against dangerous websites, downloads and extensions.
- February 16, 2025
- 07:01 PM
- 6
-
Microsoft improves text contrast for all Windows Chromium browsers
Microsoft says it improved the contrast of text rendered in all Chromium-based web browsers on Windows, making it more readable on some displays.
- January 31, 2025
- 12:36 PM
- 0
-
Google to kill Chrome Sync on older Chrome browser versions
Google announced that the Chrome Sync feature will be discontinued in early 2025 for Chrome versions older than four years.
- January 28, 2025
- 03:44 PM
- 0
-
Google launches customizable Web Store for Enterprise extensions
Google has officially launched its Chrome Web Store for Enterprises, allowing organizations to create a curated list of extensions that can be installed in employees' web browsers.
- January 23, 2025
- 02:42 PM
- 0
-
Malicious Browser Extensions are the Next Frontier for Identity Attacks
A recent campaign targeting browser extensions illustrates that they are the next frontier in identity attacks. Learn more about these attacks from LayerX Security and how to receive a free extension audit.
- January 07, 2025
- 10:02 AM
- 0
-
Google Chrome is making it easier to share specific parts of long PDFs
Google is adding the Text Fragment feature to its PDF reader to make it easier to share specific parts of long PDFs.
- January 04, 2025
- 02:18 PM
- 0
-
Google Chrome uses AI to analyze pages in new scam detection feature
Google is using artificial intelligence to power a new Chrome scam protection feature that analyzes brands and the intent of pages as you browse the web.
- December 20, 2024
- 04:31 PM
- 2
-
Google Chrome’s AI feature lets you quickly check website trustworthiness
Google Chrome's upcoming feature uses AI to provide a summary of reviews from independent websites about the store or website you're visiting.
- December 02, 2024
- 05:46 AM
- 2
-
New Glove infostealer malware bypasses Chrome’s cookie encryption
New Glove Stealer information-stealing malware can bypass Google Chrome's Application-Bound (App-Bound) encryption to steal browser cookies.
- November 14, 2024
- 03:47 PM
- 0
