Tag: browser
-
Fake npm Packages Impersonate PostCSS Tool to Steal Chrome Passwords
JFrog warns of malicious npm packages that mimic PostCSS tooling, drop a Windows RAT, and target Chrome-stored passwords through a staged infection setup route. First seen on hackread.com Jump to article: hackread.com/fake-npm-packages-postcss-tool-steal-chrome-password/
-
Payouts King Initial Access Broker Deploys Edgecution Malware Through Malicious Edge Extension
A concerted campaign by an initial access broker with ties to the Payouts King ransomware ecosystem that leverages a novel browser-based delivery technique to establish persistent host-level control. The actor deploys a malicious Microsoft Edge extension dubbed >>Edgecution<< which abuses the Chrome native messaging protocol to reach a Python backdoor running on the endpoint, effectively…
-
Vidar Infostealer Bypasses Google Chrome’s ABE Encryption via APC Injection
A sophisticated evasion technique developed by Vidar infostealer operators successfully bypasses Google Chrome’s Application-Bound Encryption (ABE). Introduced in 2024, ABE was designed to protect browser-stored cookies and sensitive credentials. According to recent findings by Gen Threat Labs, the latest iterations of Vidar are now dropping weekly updates that utilize a complex chain of process forking,…
-
Vidar Infostealer Bypasses Google Chrome’s ABE Encryption via APC Injection
A sophisticated evasion technique developed by Vidar infostealer operators successfully bypasses Google Chrome’s Application-Bound Encryption (ABE). Introduced in 2024, ABE was designed to protect browser-stored cookies and sensitive credentials. According to recent findings by Gen Threat Labs, the latest iterations of Vidar are now dropping weekly updates that utilize a complex chain of process forking,…
-
Critical Chrome Extension Vulnerabilities Let Attackers Easily Compromise Browsers
A critical security flaws in widely used Chrome extensions, exposing millions of users to the risk of full browser compromise. The vulnerabilities, named >>MaXSS<>Spyder,<< affect popular AI-powered extensions SiderAI and MaxAI, which together have more than 10 million installations across Chrome and other Chromium-based browsers. These issues transform these convenience-oriented AI helpers into […] The…
-
105K Chrome Installs Linked to Adware and Fake Google Traffic
Socket researchers linked 152 Chrome wallpaper extensions to hidden data logging, fake Google search traffic, and ad monetization. The post 105K Chrome Installs Linked to Adware and Fake Google Traffic appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-chrome-extensions-fake-traffic-user-data/
-
152 Chrome Live Wallpaper Extensions Hid Ad Tracking and Fake Search Clicks
Socket says the extensions worked as wallpaper tools, but also logged user data, disguised install traffic as Google clicks, and fed ad sites. First seen on hackread.com Jump to article: hackread.com/chrome-live-wallpaper-extensions-ad-track-fake-search-clicks/
-
New Rokarolla Android Trojan Targets 217 Banking and Crypto Apps
Rokarolla Android malware targets 217 banking and crypto apps, steals credentials, blocks bank calls, intercepts SMS, and disables Play Protect. Zimperium’s zLabs researchers have published a detailed analysis of Rokarolla, a new Android banking trojan named after its command-and-control infrastructure. It spreads through malicious websites masquerading as TikTok and Chrome, one confirmed distribution point being…
-
Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats
Cybersecurity researchers have flagged a “coordinated malware campaign” on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence (AI) provider keys.”Every plugin poses as an AI coding assistant built on DeepSeek and other large language models, offering chat, commit messages, code review, bug finding, and unit tests,”…
-
Komplett neue Einstellungen – Firefox 152 erstrahlt teilweise in neuem Glanz
Firefox 152 mit dem neuen Update eine überarbeitete Einstellungsoberfläche, neue Funktionen für Tabs sowie Verbesserungen beim Datenschutz. First seen on computerbase.de Jump to article: www.computerbase.de/news/apps/komplett-neue-einstellungen-firefox-152-erstrahlt-teilweise-in-neuem-glanz.97953
-
Komplett neue Einstellungen – Firefox 152 erstrahlt teilweise in neuem Glanz
Firefox 152 mit dem neuen Update eine überarbeitete Einstellungsoberfläche, neue Funktionen für Tabs sowie Verbesserungen beim Datenschutz. First seen on computerbase.de Jump to article: www.computerbase.de/news/apps/komplett-neue-einstellungen-firefox-152-erstrahlt-teilweise-in-neuem-glanz.97953
-
Critical Chrome Flaws Let Attackers Execute Arbitrary Code Update Immediately
Google has released an urgent Chrome security update addressing multiple critical vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The update, now rolling out to users globally, upgrades Chrome to version 149.0.7827.155/.156 for Windows and macOS and 149.0.7827.155 for Linux. Security researchers and enterprise defenders are strongly advised to apply the…
-
Rokarolla Android Trojan Levels Up to Full Device Control, Persistence
The emerging malware, spread via fake TikTok and Chrome downloads, demonstrates an evolution by combining banking fraud with extensive device surveillance and remote control. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/rokarolla-android-trojan
-
Klickbetrug im Browser: 152 Chrome-Erweiterungen als Adware entlarvt
Eine Untersuchung entlarvt 152 Hintergrundbild-Erweiterungen für Google Chrome, die heimlich Nutzerdaten sammeln und gefälschten Traffic erzeugen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/152-chrome-erweiterungen-adware
-
âš¡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod.This week is the same lesson in a new form: phishing kits are easier to rent, AI names are useful bait, old login paths still fail, and forgotten software…
-
152 Chrome Wallpaper Extensions with 105K Installs Linked to Adware and Fake Traffic
Cybersecurity researchers have discovered a network of 152 Google Chrome extensions that act as new tab live wallpaper add-ons to distribute a potentially unwanted program (PUP) family.The cluster spans 38 separate Chrome Web Store publisher accounts and three brand backends: tabplugins[.]com, yowgames[.]com, and chromewallpaper[.]com. They have been collectively installed 105,000 times. The First seen on…
-
SearchJack Adware Campaign Exposes 758,000 Users to Privacy and Phishing Risks
A coordinated campaign of 23 seemingly legitimate Chrome extensions tracked as >>SearchJack<< has quietly hijacked the default search settings of roughly 758,000 users, routing queries through operator-controlled monetization middleware before returning results. At first glance the extensions promise useful features satellite imagery, productivity tools, news readers, maps but their true purpose is affiliate search monetization,…
-
Malicious 152 Chrome Extensions Caught Spoofing Google Organic Search Traffic
A massive, coordinated network of 152 malicious Google Chrome browser extensions has been dismantled after researchers caught the operation generating fake organic Google search traffic. Socket’s Threat Research Team discovered the operation spanning 38 separate Chrome Web Store publisher accounts and tracing back to three primary brand backends: tabplugins[.]com, yowgames[.]com, and chromewallpaper[.]com. Disguised as benign…
-
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now
Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild.The high-severity vulnerability, tracked as CVE-2026-11645 (CVSS score: 8.8), has been described as an out-of-bounds memory access in V8, Chrome’s JavaScript and WebAssembly engine.”Out-of-bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 First…
-
Google fixes the fifth actively exploited Chrome zero-day of 2026
Google fixed a new Chrome zero-day, tracked as CVE-2026-11645, in the V8 JavaScript engine, which is already being exploited in the wild. Google released emergency updates to address a new Chrome zero-day vulnerability, tracked as CVE-2026-11645, that has been exploited in the wild. This flaw is the fifth Chrome zero-day that is being exploited in…
-
Google fixes the fifth actively exploited Chrome zero-day of 2026
Google fixed a new Chrome zero-day, tracked as CVE-2026-11645, in the V8 JavaScript engine, which is already being exploited in the wild. Google released emergency updates to address a new Chrome zero-day vulnerability, tracked as CVE-2026-11645, that has been exploited in the wild. This flaw is the fifth Chrome zero-day that is being exploited in…
-
Google patches Chrome zero-day exploited in the wild (CVE-2026-11645)
Google has fixed 74 vulnerabilities in Chrome, including a high-severity zero-day (CVE-2026-11645) that has been exploited in the wild. >>Google is aware that an exploit … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/09/google-chrome-zero-day-cve-2026-11645/
-
Google Releases Patch for Chrome Vulnerability Exploited in the Wild
The flaw, CVE-2026-11645, can allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/google-patch-chrome-vulnerability/
-
Ein falscher Klick reicht: Chrome-Nutzer werden über V8-Lücke attackiert
Ein Klick auf einen Link genügt, um in Google Chrome Schadcode zur Ausführung zu bringen. Angreifer machen davon bereits Gebrauch. First seen on golem.de Jump to article: www.golem.de/news/attacken-auf-javascript-engine-unzaehlige-nutzer-durch-chrome-luecke-gefaehrdet-2606-209549.html
-
Attacken auf JavascriptLücke gefährdet
Ein Klick auf einen Link genügt, um in Google Chrome Schadcode zur Ausführung zu bringen. Angreifer machen davon bereits Gebrauch. First seen on golem.de Jump to article: www.golem.de/news/attacken-auf-javascript-engine-unzaehlige-nutzer-durch-chrome-luecke-gefaehrdet-2606-209549.html
-
Google patches new Chrome zero-day flaw exploited in the wild
Google has released emergency updates to patch another Chrome zero-day vulnerability that has been exploited in the wild, the fifth such flaw patched since the start of the year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-patches-fifth-chrome-zero-day-bug-exploited-in-attacks-this-year/
-
Google Fixes 429 Chrome Vulnerabilities, Including 22 Critical Bugs
Google has released Chrome 149 to the stable channel, addressing a significant batch of 429 security vulnerabilities across Windows, macOS, and Linux, including 22 critical flaws that could enable remote code execution, memory corruption, and sandbox escapes. The update, version 149.0.7827.53/54, is being rolled out gradually and includes fixes across multiple components, including ANGLE, GPU,…
-
Google Fixes 429 Chrome Vulnerabilities, Including 22 Critical Bugs
Google has released Chrome 149 to the stable channel, addressing a significant batch of 429 security vulnerabilities across Windows, macOS, and Linux, including 22 critical flaws that could enable remote code execution, memory corruption, and sandbox escapes. The update, version 149.0.7827.53/54, is being rolled out gradually and includes fixes across multiple components, including ANGLE, GPU,…
-
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
Two things landed within days of each other this week. A security startup reported 21 previously unknown vulnerabilities in FFmpeg, the media library inside almost everything that touches video, all of them found by an autonomous AI agent.The same week, Google shipped Chrome 149 with patches for 429 security bugs, the most ever in a…
-
Malicious Browser Add-Ons Target Major AI Chatbot Users
Malicious browser add-ons are actively harvesting conversations and personal data from users of major AI platforms including ChatGPT, Claude, Copilot, Gemini, and DeepSeek. The threat leverages ostensibly helpful Chrome extensions VPNs, sidebars, and “AI assistants” to intercept agentic-AI interactions, exfiltrate chat histories, and aggregate sensitive information that users routinely share with generative models. Analysis of…