Tag: browser
-
Firefox Will Give Users an AI Kill Switch for Better Privacy
Not everyone wants AI in their browser. Firefox 148 is introducing easy toggles to disable chatbots and AI tab grouping. Discover how Mozilla is prioritising user choice and privacy in its latest 2026 update. First seen on hackread.com Jump to article: hackread.com/firefox-users-ai-kill-switch-better-privacy/
-
Ad blocking is alive and well, despite Chrome’s attempts to make it harder
The end isn’t nigh after all First seen on theregister.com Jump to article: www.theregister.com/2026/02/06/chrome_mv3_no_harm_ad_blocking/
-
Chrome Vulnerabilities Allow Code Execution, Browser Crashes
Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites. The post Chrome Vulnerabilities Allow Code Execution, Browser Crashes appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-chrome-security-update-february-2026/
-
Chrome Vulnerabilities Allow Code Execution and Browser Crashes
Google has patched two high-severity Chrome flaws that could allow code execution or browser crashes. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/chrome-vulnerabilities-allow-code-execution-and-browser-crashes/
-
Chrome Flaws Enable Arbitrary Code Execution and System Crashes
Google has released a new Stable Channel update for Chrome (version 144.0.7559.132/.133) on February 3, 2026, addressing two high”‘severity vulnerabilities that could allow attackers to execute arbitrary code or cause system crashes. The update is rolling out gradually for Windows, macOS, and Linux users. According to Google’s security advisory, both vulnerabilities were discovered recently and could be exploited…
-
Chrome Add-On Caught Stealing Amazon Commissions
A Chrome extension posing as an Amazon ad blocker was caught hijacking affiliate links in the background, redirecting commissions without user consent. The post Chrome Add-On Caught Stealing Amazon Commissions appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-amazon-ads-blocker-extension-affiliate-hijacking/
-
Firefox to let users manage and block AI features
Mozilla will add a set of controls in Firefox that let users manage and block GenAI features in the desktop browser. The controls will be included in Firefox version 148 on … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/03/mozilla-firefox-ai-controls-version-148/
-
Mozilla Introduces Global Kill Switch for Firefox AI Capabilities
Mozilla has rolled out comprehensive AI controls in Firefox 148, launching February 24, 2026, allowing users to globally disable all generative AI features across the browser. The update addresses growing user concerns about AI integration while maintaining optional AI functionality for those who want it. Firefox 148 AI Control Features The new AI controls section…
-
Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox
Mozilla on Monday announced a new controls section in its Firefox desktop browser settings that allows users to completely turn off generative artificial intelligence (GenAI) features.”It provides a single place to block current and future generative AI features in Firefox,” Ajit Varma, head of Firefox, said. “You can also review and manage individual AI features…
-
Mozilla announces switch to disable all Firefox AI features
In response to user feedback on AI integration, Mozilla announced today that the next Firefox release will let users disable AI features entirely or manage them individually. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/software/mozilla-will-let-you-turn-off-all-firefox-ai-features/
-
Chrome Ad Blocker Caught Hijacking Amazon Affiliate Links
A Chrome extension posing as an Amazon ad blocker was found secretly hijacking affiliate links to redirect commissions to its developer. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/chrome-ad-blocker-caught-hijacking-amazon-affiliate-links/
-
TAMECAT PowerShell Backdoor Targets Edge and Chrome: Login Credentials At Risk
Tags: backdoor, browser, chrome, credentials, cyber, defense, espionage, government, hacking, iran, login, microsoft, powershell, riskTAMECAT is a sophisticated PowerShell-based backdoor linked to APT42, an Iranian state-sponsored hacking group. It steals login credentials from Microsoft Edge and Chrome browsers while evading detection. Security researchers from Israel’s National Digital Agency detailed its modular design in recent SpearSpecter campaign analysis.”‹ APT42 deploys TAMECAT in long-term espionage operations against senior defense and government…
-
Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access
Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens.One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored content. It was uploaded to the Chrome First…
-
Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions
A new study shows that some of the most widely used AI-powered browser extensions are a privacy risk. They collect lots of data and require a high level of browser access. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/28/incogni-chrome-extensions-privacy-risks-report/
-
‘Stanley’ Toolkit Turns Chrome Into Undetectable Phishing Vector
The malware-as-a-service kit enables malicious extensions to overlay pages on real websites without changing the visible URL, signaling a fresh challenge for enterprise security. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/stanley-toolkit-chrome-undetectable-phishing
-
LayerX Discovers Malicious Chrome Extensions Stealing ChatGPT Accounts
Security researchers from LayerX discovered 16 malicious Chrome extensions created by the same threat actor designed to intercept users’ interaction with ChatGPT chatbots and steal their account credentials, the latest instance in a growing trend. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/layerx-discovers-malicious-chrome-extensions-stealing-chatgpt-accounts/
-
New malware service guarantees phishing extensions on Chrome web store
A new malware-as-a-service (MaaS) called ‘Stanley’ promises malicious Chrome extensions that can clear Google’s review process and publish them to the Chrome Web Store. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-malware-service-guarantees-phishing-extensions-on-chrome-web-store/
-
New Malware Toolkit Redirects Victims to Malicious Sites Without Changing the URL
A dangerous new malware toolkit is being sold on Russian cybercrime forums that can redirect victims to fake websites while keeping the real domain name visible in their browser’s address bar. The toolkit, called Stanley, costs between $2,000 and $6,000 and comes with a guarantee that it will pass Google’s Chrome Web Store review process.…
-
$6,000 “Stanley” Toolkit Sold on Russian Forums Fakes Secure URLs in Chrome
Say hello to Stanley, a new malicious toolkit that guarantees bypassing Google’s Chrome Web Store review process. First seen on hackread.com Jump to article: hackread.com/stanley-toolkit-russia-forum-fakes-chrome-urls/
-
Just the Browser claims to tame the bloat without forking
Strips the slop and snoopery from Chrome, Edge, and Firefox First seen on theregister.com Jump to article: www.theregister.com/2026/01/19/just_the_browser/
-
Just the Browser claims to tame the bloat without forking
Strips the slop and snoopery from Chrome, Edge, and Firefox First seen on theregister.com Jump to article: www.theregister.com/2026/01/19/just_the_browser/
-
Chrome 144 Released to Fix High-Severity V8 JavaScript Engine Flaw
Google has released Chrome version 144.0.7559.96/.97 to the stable channel across Windows, Mac, and Linux platforms, addressing a critical race condition vulnerability in the V8 JavaScript engine. The update is rolling out gradually to users over the coming days and weeks. Security Update Details The latest stable release patches one significant security vulnerability tracked as…
-
Chrome 144 Released to Fix High-Severity V8 JavaScript Engine Flaw
Google has released Chrome version 144.0.7559.96/.97 to the stable channel across Windows, Mac, and Linux platforms, addressing a critical race condition vulnerability in the V8 JavaScript engine. The update is rolling out gradually to users over the coming days and weeks. Security Update Details The latest stable release patches one significant security vulnerability tracked as…
-
ClickFix to CrashFix: KongTuke Used Fake Chrome Ad Blocker to Install ModeloRAT
Huntress discovers ‘CrashFix,’ a new attack by KongTuke hacker group using fake ad blockers to crash browsers and trick office workers into installing ModeloRAT malware. First seen on hackread.com Jump to article: hackread.com/clickfix-crashfix-kongtuke-fake-chrome-ad-blocker-modelorat/
-
Fünf Chrome-Erweiterungen, die Unternehmenssitzungen kapern
Forscher haben fünf bösartige Chrome-Erweiterungen entdeckt.Forscher des Security-Anbieters Socket haben eine koordinierte Kampagne entdeckt, die auf bösartigen Chrome-Add-ons basiert. Die Angreifer haben die Abwehrmechanismen des Chrome Web Stores umgangen und Erweiterungen als Produktivitätswerkzeuge beworben.’Die Erweiterungen arbeiten zusammen, um Authentifizierungs-Token zu stehlen, Incident-Response-Funktionen zu blockieren und durch Session-Hijacking die vollständige Übernahme von Konten zu ermöglichen”, erklären…
-
Fünf Chrome-Erweiterungen, die Unternehmenssitzungen kapern
Forscher haben fünf bösartige Chrome-Erweiterungen entdeckt.Forscher des Security-Anbieters Socket haben eine koordinierte Kampagne entdeckt, die auf bösartigen Chrome-Add-ons basiert. Die Angreifer haben die Abwehrmechanismen des Chrome Web Stores umgangen und Erweiterungen als Produktivitätswerkzeuge beworben.’Die Erweiterungen arbeiten zusammen, um Authentifizierungs-Token zu stehlen, Incident-Response-Funktionen zu blockieren und durch Session-Hijacking die vollständige Übernahme von Konten zu ermöglichen”, erklären…
-
CrashFix attack hijacks browser failures to deliver ModelRAT malware via fake Chrome extension
Payload delivery: When the user executes the supplied commands, a multistage infection process begins that ultimately deploys a previously undocumented Python-based remote access trojan, which the researchers dubbed ModelRAT. The malware establishes persistence and enables remote control of the infected system.Huntress’ telemetry suggested differing behavior based on the environment. Systems joined to a domain were…
-
Secure web browsers for the enterprise compared: How to pick the right one
Tags: access, ai, android, api, attack, browser, business, chrome, cloud, computer, control, corporate, data, encryption, endpoint, fortinet, gartner, google, guide, identity, linux, login, malicious, malware, mfa, mobile, monitoring, network, okta, phishing, saas, service, siem, software, technology, threat, tool, training, vpn, windows, zero-trustEnable MFA at the beginning of any browser session by default.Handle isolation controls both with respect to the user’s session and to isolate any application from cross-infection. This means controlling the movement of data between the browser, your particular endpoint and the web application or applications involved.Control access to web destinations, either to allow or…