Skip to main content

Tag: google chrome

36 articles

Smartphone with Chrome app open on a neutral surface, showing a Google sign-in page and blurred tabs.

Stalkers Exploit Chrome's Sync Feature for Surveillance

Imagine having your every online move tracked by someone you trust - all because they exploited a feature meant to make your life easier. A security researcher found that a stalker can use Google Chrome's sync feature to monitor a victim's online activity, gaining access to their browsing history from anywhere in the world.

Analyst 207
Cluttered software development workspace with computer screens and terminals, one central laptop lid slightly ajar.

North Korean Hackers Publish 108 Malicious Packages in PolinRider Campaign

North Korean hackers have unleashed a massive wave of malware, publishing 108 malicious packages and web browser extensions across popular platforms like npm, Packagist, Go, and Google Chrome as part of their sneaky PolinRider campaign. This ongoing operation has already produced 162 malicious release artifacts and compromised thousands of systems worldwide.

Analyst 207
Google Chrome browser window on laptop with YouTube open, surrounded by home office setting.

Popular Chrome Ad Blocker Exposes Script Injection Risk

A popular Chrome ad blocker with over 10 million installs, Adblock for YouTube, has been found to have a shocking vulnerability that could allow hackers to inject malicious JavaScript into any website, all with just a single server-side tweak. This means users could be exposed to serious security risks without even realizing anything has changed.

Analyst 207
Google Chrome browser window on a laptop with blurred extensions page and cityscape outside.

Chrome Extensions Exploit User Data for Adware, Fake Traffic

Beware of Chrome extensions that seem too good to be true: 152 fake live wallpaper and new-tab add-ons have been downloaded around 105,000 times and are secretly spreading adware and fake traffic. These malicious extensions, masquerading as popular themes, have been hiding in plain sight on the Chrome Web Store.

Analyst 207
Technicians work in a brightly lit network operations room with a central router or switch surrounded by equipment and…

CISA Flags Cisco, Chrome, Arista Flaws as Actively Exploited

Stay safe online: CISA has flagged serious vulnerabilities in Cisco, Chrome, and Arista that are being actively exploited by hackers, so take action now to protect your systems. These flaws could let attackers gain unauthorized access, making it crucial to update your software ASAP.

Analyst 207
Laptop screen on a desk with blurred background, conveying urgency and vulnerability.

Google Chrome Zero-Day Exploited in Wild, Prompting Urgent Patch

Google just dropped an urgent update for Chrome, and you need to know why: a zero-day exploit, tracked as CVE-2026-11645, has been found in the wild, allowing hackers to execute malicious code inside your browser. This critical vulnerability lets attackers access memory outside of Chrome's intended limits, putting your online safety at risk.

Analyst 207
Person using laptop in casual setting with natural daylight.

Google Chrome Zero-Day Exploited in Fifth Bug of the Year

Google just patched its fifth zero-day vulnerability of the year, a high-severity bug in Chrome that hackers were actively exploiting - and paid a $55,000 reward to the researcher who discovered it. If you use Chrome, make sure you're running the latest version to stay protected!

Analyst 207
Laptop on a home office desk with a blank screen, smartphone, and notebook nearby.

Google Chrome Bolsters Defenses with Cookie Theft Protection Rollout

Google's new Cookie Theft Protection is a game-changer, tying session cookies to device hardware to prevent hackers from using stolen cookies to access your accounts. This cutting-edge tech binds user sessions to a machine's security chip, making it virtually impossible for thieves to get in.

Analyst 207
Person working at desk with laptop in a well-lit office setting.

Malicious AI Browser Extensions Exfiltrate User Data

Beware of AI browser extensions that promise to boost productivity but secretly steal your data. Researchers uncovered 18 malicious extensions that masquerade as helpful tools but deliver spyware, Trojans, and other threats that can hijack your online activity.

Analyst 207
Person in dark room surrounded by screens with varied images, face obscured, eyes fixed on one screen, with shattered…

Google Chrome Fails to Thwart Browser Fingerprinting

If a browser claims to be safe but fails to block one of the easiest ways for advertisers to track you online, can it really be considered safe? Google Chrome, despite its reputation for security, surprisingly leaves users vulnerable to browser fingerprinting, a pervasive tracking method that can uniquely identify and follow you around the web.

Analyst 207
Person hunched over laptop in dimly lit room, frantically typing amidst multiple screens and cables.

Microsoft Rushes Fixes for 167 Vulnerabilities Amid Zero-Day Exploits

Microsoft just rolled out urgent Patch Tuesday fixes for a whopping 167 vulnerabilities in Windows and related software, including zero-day exploits in SharePoint Server and Windows Defender. But with threats evolving at breakneck speed, can patches keep up to protect our increasingly software-reliant lives?

Analyst 207
Shadowy figure lurks beside a laptop and smartphone, surrounded by tangled cables, symbolizing digital vulnerability.

Malicious Chrome Extensions Exfiltrate User Data

Malicious actors have hijacked 108 Google Chrome extensions, quietly harvesting user data and turning every webpage into a playground for ad injection and code execution - putting around 20,000 users at risk. This sneaky campaign, discovered by cybersecurity researchers, uses a single command-and-control system to wreak havoc on unsuspecting browsers.

Analyst 207
A padlock secures a fragile-looking cookie on a laptop screen, set against a dark cityscape at dusk.

Google Chrome Bolsters Defenses Against Infostealer Cookie Heists

Google Chrome just got a major security boost with its new Device Bound Session Credentials feature, designed to prevent infostealers from swiping your session cookies and letting hackers impersonate you without a password. This update is a game-changer in the fight against cookie heists and stolen login credentials.

Analyst 207
Person sits in dimly lit room with multiple screens displaying ghostly windows, one laptop screen showing secure login…

Google Deploys DBSC in Chrome to Thwart Windows Session Hijacking

Google just flipped the switch on Device Bound Session Credentials (DBSC) for Chrome users on Windows, giving millions a major security boost against session hijacking - but what does it mean for you? This game-changing update ties your credentials to your device, making it much harder for hackers to get hold of your online sessions.

Analyst 207
Padlock secures cookie jar amidst shattered glass and crumbs, with eerie laptop glow in background.

Google Chrome Bolsters Defenses Against Session Cookie Theft

Google Chrome just got a major security boost with the introduction of Device Bound Session Credentials (DBSC) protection, designed to block info-stealing malware from harvesting session cookies and putting your online credentials at risk. This move is a key step in the ongoing cat-and-mouse game between defenders and cyber threats.

Analyst 207
Google Chrome Zero-Day Flaw CVE-2026-5281 Under Active Exploitation

Google Chrome Zero-Day Flaw CVE-2026-5281 Under Active Exploitation

Google just patched a zero-day vulnerability in Chrome (CVE-2026-5281) that's already being exploited in the wild, so it's crucial to update your browser ASAP to avoid potential risks. This urgent patch is a stark reminder that even secure software can become a target overnight.

Analyst 207
Google Patches Fourth Chrome Zero-Day Exploited in 2026 Attacks

Google Patches Fourth Chrome Zero-Day Exploited in 2026 Attacks

Google just patched the fourth Chrome zero-day vulnerability of 2026, a sobering reminder that attackers are relentlessly targeting the browser ecosystem with increasingly sophisticated threats. This latest emergency fix highlights the urgent need for users to stay vigilant and up-to-date with the latest security patches.

Analyst 207
Chrome updates: Exclusive rapid fixes for safer browsing

Chrome updates: Exclusive rapid fixes for safer browsing

Chrome updates just went into overdrive — Google will push security fixes every two weeks across desktop, Android and iOS to shrink the window attackers have to weaponize bugs. Enterprises can still opt into an eight‑week Extended Stable channel for predictable testing and rollouts.

Analyst 207
Chrome Gemini panel Exclusive: Dangerous Extension Risk

Chrome Gemini panel Exclusive: Dangerous Extension Risk

If convenience opens a door, who will walk through it? A high‑severity bug let malicious extensions hijack Chrome’s Gemini Live panel and inherit dangerous privileges — now patched, but a clear warning that AI features are reshaping the browser threat model.

Analyst 207
Google Exclusive Fix for Critical Chrome V8 Zero-Day

Google Exclusive Fix for Critical Chrome V8 Zero-Day

Google just pushed an emergency Chrome update to fix a critical, actively exploited V8 JavaScript type‑confusion zero‑day (CVE‑2025‑13223, CVSS 8.8); update your browser—or call IT—now, because a single malicious page can lead to full host compromise.

Analyst 207
Cracked smartphone screen with shattered lock and cityscape background, symbolizing security breach and vulnerability.

Chromium Critical Flaw: Exclusive Unpatched Alert

An unpatched Chromium flaw in the Blink rendering engine can crash browsers — and even freeze whole machines — in seconds, creating a real operational and security risk. If you manage desktops, kiosks or enterprise systems, this is one bug you need to take seriously now.

Analyst 207
Dark cityscape with giant cracked smartphone screen hovering above skyscrapers, reflecting laptop screens below, with a…

Chrome Zero-Day Exclusive: Dangerous Mem3nt0 mori Attacks

A fresh Chrome zero-day is powering dangerous Mem3nt0 mori attacks. Learn how they work and what quick steps you can take to stay safe.

Analyst 207
WhatsApp Web automation: Risky Must-Have Threat

WhatsApp Web automation: Risky Must-Have Threat

What looked like handy WhatsApp Web productivity add-ons were actually 131 cloned Chrome extensions hijacked to blast spam across Brazil, reaching about 20,900 users before takedown. Socket’s investigation is a wake-up call—check extension reputations, limit permissions, and treat browser add-ons with the same caution you’d give any app that touches your messages.

Analyst 207
Cybersecurity vulnerabilities: Must-Have Best Practices

Cybersecurity vulnerabilities: Must-Have Best Practices

This week’s roundup uncovers alarming flaws—from a critical SharePoint bug that can expose entire orgs to a Chrome exploit that makes ordinary browsing risky—showing attackers now target overlooked misconfigurations as much as flashy zero-days. Stay ahead by prioritizing patching, hardening defaults, and boosting monitoring to keep your data safe.

Analyst 207