Tag: google chrome
36 articles

Stalkers Exploit Chrome's Sync Feature for Surveillance
Imagine having your every online move tracked by someone you trust - all because they exploited a feature meant to make your life easier. A security researcher found that a stalker can use Google Chrome's sync feature to monitor a victim's online activity, gaining access to their browsing history from anywhere in the world.

North Korean Hackers Publish 108 Malicious Packages in PolinRider Campaign
North Korean hackers have unleashed a massive wave of malware, publishing 108 malicious packages and web browser extensions across popular platforms like npm, Packagist, Go, and Google Chrome as part of their sneaky PolinRider campaign. This ongoing operation has already produced 162 malicious release artifacts and compromised thousands of systems worldwide.

Popular Chrome Ad Blocker Exposes Script Injection Risk
A popular Chrome ad blocker with over 10 million installs, Adblock for YouTube, has been found to have a shocking vulnerability that could allow hackers to inject malicious JavaScript into any website, all with just a single server-side tweak. This means users could be exposed to serious security risks without even realizing anything has changed.

Chrome Extensions Exploit User Data for Adware, Fake Traffic
Beware of Chrome extensions that seem too good to be true: 152 fake live wallpaper and new-tab add-ons have been downloaded around 105,000 times and are secretly spreading adware and fake traffic. These malicious extensions, masquerading as popular themes, have been hiding in plain sight on the Chrome Web Store.

CISA Flags Cisco, Chrome, Arista Flaws as Actively Exploited
Stay safe online: CISA has flagged serious vulnerabilities in Cisco, Chrome, and Arista that are being actively exploited by hackers, so take action now to protect your systems. These flaws could let attackers gain unauthorized access, making it crucial to update your software ASAP.

Google Chrome Zero-Day Exploited in Wild, Prompting Urgent Patch
Google just dropped an urgent update for Chrome, and you need to know why: a zero-day exploit, tracked as CVE-2026-11645, has been found in the wild, allowing hackers to execute malicious code inside your browser. This critical vulnerability lets attackers access memory outside of Chrome's intended limits, putting your online safety at risk.

Google Chrome Zero-Day Exploited in Fifth Bug of the Year
Google just patched its fifth zero-day vulnerability of the year, a high-severity bug in Chrome that hackers were actively exploiting - and paid a $55,000 reward to the researcher who discovered it. If you use Chrome, make sure you're running the latest version to stay protected!

Google Chrome Bolsters Defenses with Cookie Theft Protection Rollout
Google's new Cookie Theft Protection is a game-changer, tying session cookies to device hardware to prevent hackers from using stolen cookies to access your accounts. This cutting-edge tech binds user sessions to a machine's security chip, making it virtually impossible for thieves to get in.

Malicious AI Browser Extensions Exfiltrate User Data
Beware of AI browser extensions that promise to boost productivity but secretly steal your data. Researchers uncovered 18 malicious extensions that masquerade as helpful tools but deliver spyware, Trojans, and other threats that can hijack your online activity.

Google Chrome Fails to Thwart Browser Fingerprinting
If a browser claims to be safe but fails to block one of the easiest ways for advertisers to track you online, can it really be considered safe? Google Chrome, despite its reputation for security, surprisingly leaves users vulnerable to browser fingerprinting, a pervasive tracking method that can uniquely identify and follow you around the web.

Microsoft Rushes Fixes for 167 Vulnerabilities Amid Zero-Day Exploits
Microsoft just rolled out urgent Patch Tuesday fixes for a whopping 167 vulnerabilities in Windows and related software, including zero-day exploits in SharePoint Server and Windows Defender. But with threats evolving at breakneck speed, can patches keep up to protect our increasingly software-reliant lives?

Malicious Chrome Extensions Exfiltrate User Data
Malicious actors have hijacked 108 Google Chrome extensions, quietly harvesting user data and turning every webpage into a playground for ad injection and code execution - putting around 20,000 users at risk. This sneaky campaign, discovered by cybersecurity researchers, uses a single command-and-control system to wreak havoc on unsuspecting browsers.

Google Chrome Bolsters Defenses Against Infostealer Cookie Heists
Google Chrome just got a major security boost with its new Device Bound Session Credentials feature, designed to prevent infostealers from swiping your session cookies and letting hackers impersonate you without a password. This update is a game-changer in the fight against cookie heists and stolen login credentials.

Google Deploys DBSC in Chrome to Thwart Windows Session Hijacking
Google just flipped the switch on Device Bound Session Credentials (DBSC) for Chrome users on Windows, giving millions a major security boost against session hijacking - but what does it mean for you? This game-changing update ties your credentials to your device, making it much harder for hackers to get hold of your online sessions.

Google Chrome Bolsters Defenses Against Session Cookie Theft
Google Chrome just got a major security boost with the introduction of Device Bound Session Credentials (DBSC) protection, designed to block info-stealing malware from harvesting session cookies and putting your online credentials at risk. This move is a key step in the ongoing cat-and-mouse game between defenders and cyber threats.

Google Chrome Zero-Day Flaw CVE-2026-5281 Under Active Exploitation
Google just patched a zero-day vulnerability in Chrome (CVE-2026-5281) that's already being exploited in the wild, so it's crucial to update your browser ASAP to avoid potential risks. This urgent patch is a stark reminder that even secure software can become a target overnight.

Google Patches Fourth Chrome Zero-Day Exploited in 2026 Attacks
Google just patched the fourth Chrome zero-day vulnerability of 2026, a sobering reminder that attackers are relentlessly targeting the browser ecosystem with increasingly sophisticated threats. This latest emergency fix highlights the urgent need for users to stay vigilant and up-to-date with the latest security patches.

Chrome updates: Exclusive rapid fixes for safer browsing
Chrome updates just went into overdrive — Google will push security fixes every two weeks across desktop, Android and iOS to shrink the window attackers have to weaponize bugs. Enterprises can still opt into an eight‑week Extended Stable channel for predictable testing and rollouts.

Chrome Gemini panel Exclusive: Dangerous Extension Risk
If convenience opens a door, who will walk through it? A high‑severity bug let malicious extensions hijack Chrome’s Gemini Live panel and inherit dangerous privileges — now patched, but a clear warning that AI features are reshaping the browser threat model.

Google Exclusive Fix for Critical Chrome V8 Zero-Day
Google just pushed an emergency Chrome update to fix a critical, actively exploited V8 JavaScript type‑confusion zero‑day (CVE‑2025‑13223, CVSS 8.8); update your browser—or call IT—now, because a single malicious page can lead to full host compromise.

Chromium Critical Flaw: Exclusive Unpatched Alert
An unpatched Chromium flaw in the Blink rendering engine can crash browsers — and even freeze whole machines — in seconds, creating a real operational and security risk. If you manage desktops, kiosks or enterprise systems, this is one bug you need to take seriously now.

Chrome Zero-Day Exclusive: Dangerous Mem3nt0 mori Attacks
A fresh Chrome zero-day is powering dangerous Mem3nt0 mori attacks. Learn how they work and what quick steps you can take to stay safe.

WhatsApp Web automation: Risky Must-Have Threat
What looked like handy WhatsApp Web productivity add-ons were actually 131 cloned Chrome extensions hijacked to blast spam across Brazil, reaching about 20,900 users before takedown. Socket’s investigation is a wake-up call—check extension reputations, limit permissions, and treat browser add-ons with the same caution you’d give any app that touches your messages.

Cybersecurity vulnerabilities: Must-Have Best Practices
This week’s roundup uncovers alarming flaws—from a critical SharePoint bug that can expose entire orgs to a Chrome exploit that makes ordinary browsing risky—showing attackers now target overlooked misconfigurations as much as flashy zero-days. Stay ahead by prioritizing patching, hardening defaults, and boosting monitoring to keep your data safe.