Tag: browser
-
U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog
Tags: browser, chrome, cisa, cve, cybersecurity, exploit, flaw, google, infrastructure, kev, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Chromium V8 vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Chromium V8 vulnerability, tracked as CVE-2025-6554, to its Known Exploited Vulnerabilities (KEV) catalog. Last week, Google released security patches to address the Chrome vulnerability CVE-2025-6554 for which an exploit is…
-
Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited Chrome
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/06/week-in-review-sudo-local-privilege-escalation-flaws-fixed-google-patches-actively-exploited-chrome/
-
Firefox store littered with crypto-pilfering extensions
First seen on scworld.com Jump to article: www.scworld.com/brief/firefox-store-littered-with-crypto-pilfering-extensions
-
Over 40 Malicious Firefox Extensions Target Cryptocurrency Wallets, Stealing User Assets
Cybersecurity researchers have uncovered over 40 malicious browser extensions for Mozilla Firefox that are designed to steal cryptocurrency wallet secrets, putting users’ digital assets at risk.”These extensions impersonate legitimate wallet tools from widely-used platforms such as Coinbase, MetaMask, Trust Wallet, Phantom, Exodus, OKX, Keplr, MyMonero, Bitget, Leap, Ethereum Wallet, and Filfox First seen on thehackernews.com…
-
Actively exploited Chrome zero-day addressed
First seen on scworld.com Jump to article: www.scworld.com/brief/actively-exploited-chrome-zero-day-addressed
-
Google fixes type confusion flaw in Chrome browser
An actively exploited type confusion vulnerability in the Google Chrome web browser needs immediate attention from users First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366626960/Google-fixes-type-confusion-flaw-in-Chrome-browser
-
Dozens of fake wallet add-ons flood Firefox store to drain crypto
More than 40 fake extensions in Firefox’s official add-ons store are impersonating popular cryptocurrency wallets from trusted providers to steal wallet credentials and sensitive data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dozens-of-fake-wallet-add-ons-flood-firefox-store-to-drain-crypto/
-
Critical RCE flaw in Anthropic’s MCP inspector exposes developer machines to remote attacks
Chained with a legacy flaw for RCE : Oligo demonstrated that the attack vector combines two independent flaws. Attackers could chain the legacy “0.0.0.0-day” browser flaw, which lets web pages send requests to 0.0.0.0 address that browsers treat like localhost, to a CSRF-style attack leveraging the Inspector proxy’s vulnerable “/sse” endpoint that accepts commands via query…
-
CVE-2025-6554 is the fourth Chrome zero-day patched by Google in 2025
Google released security patches to address a Chrome vulnerability, tracked as CVE-2025-6554, for which an exploit exists in the wild. Google released security patches to address a Chrome vulnerability, tracked as CVE-2025-6554, for which an exploit is available in the wild. >>Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a remote attacker…
-
Chrome Zero-Day, ‘FoxyWallet’ Firefox Attacks Threaten Browsers
Separate threats to popular browsers highlight the growing security risk for enterprises presented by the original gateway to the Web, which remains an integral tool for corporate users. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/browsers-targeted-chrome-zero-day-malicious-firefox-extensions
-
Google Issues Emergency Patch for Fourth Chrome Zero-Day of 2025
Google has patched a critical type confusion vulnerability in Chrome, the fourth zero-day fix in 2025 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/google-patch-chrome-zero-day/
-
Chrome Zero-Day CVE-2025-6554 Under Active Attack, Google Issues Security Update
Google has released security updates to address a vulnerability in its Chrome browser for which an exploit exists in the wild.The zero-day vulnerability, tracked as CVE-2025-6554 (CVSS score: N/A), has been described as a type confusing flaw in the V8 JavaScript and WebAssembly engine.”Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a…
-
Google fixes fourth actively exploited Chrome zero-day of 2025
Google has released emergency updates to patch another Chrome zero-day vulnerability exploited in attacks, marking the fourth such flaw fixed since the start of the year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-fixes-fourth-actively-exploited-chrome-zero-day-of-2025/
-
Google Patches Critical Zero-Day Flaw in Chrome’s V8 Engine After Active Exploitation
Google has released security updates to address a vulnerability in its Chrome browser for which an exploit exists in the wild.The zero-day vulnerability, tracked as CVE-2025-6554 (CVSS score: N/A), has been described as a type confusing flaw in the V8 JavaScript and WebAssembly engine.”Type confusion in V8 in Google Chrome prior to 138.0.7204.96 allowed a…
-
Google patches actively exploited Chrome (CVE”‘2025″‘6554)
Google has released a security update for Chrome to address a zero”‘day vulnerability (CVE-2025-6554) that its Threat Analysis Group (TAG) discovered and reported last week. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/01/google-patches-actively-exploited-chrome-cve-2025-6554/
-
New C4 Bomb Attack Breaks Through Chrome’s AppBound Cookie Protections
Tags: attack, breach, browser, chrome, credentials, cyber, cybersecurity, data, encryption, google, risk, theftCybersecurity researchers have unveiled a new attack”, dubbed the “C4 Bomb” (Chrome Cookie Cipher Cracker)”, that successfully bypasses Google Chrome’s much-touted AppBound Cookie Encryption. This breakthrough exposes millions of users to renewed risks of cookie theft, credential compromise, and potential data breaches, despite Google’s recent efforts to harden Chrome against infostealer malware. AppBound Cookie Encryption…
-
Chrome 0-Day Flaw Exploited in the Wild to Execute Arbitrary Code
Google has issued an urgent security update for its Chrome browser, addressing a critical zero-day vulnerability that is being actively exploited by attackers. The flaw, tracked asCVE-2025-6554, is atype confusionvulnerability in Chrome’s V8 JavaScript engine, which underpins the browser’s ability to process web content across Windows, macOS, and Linux platforms. The vulnerability was discovered by…
-
Microsoft confirms Family Safety blocks Google Chrome from launching
Microsoft has confirmed that its Family Safety parental control service is blocking users from launching Google Chrome and other web browsers on Windows systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-confirms-family-safety-blocks-google-chrome-from-launching/
-
Windows Family Safety: Chrome-Blockade bestätigt
Nutzer beklagen sich seit Anfang Juni 2025, dass sie den Google Chrome-Browser nicht mehr verwenden können, wenn Microsoft Family Safety unter Windows installiert ist. Ich hatte darüber berichtet und nun hat Microsoft das Ganze offiziell in einem Support-Beitrag bestätigt … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/26/windows-family-safety-chrome-blockade-bestaetigt/
-
Firefox 140 Launches with Critical Code Execution Bug Fix Update Now
Mozilla has officially released Firefox 140, marking a significant update that addresses multiple security vulnerabilities, including a critical code execution flaw. Users are strongly urged to update their browsers immediately to protect against potential exploits targeting these newly patched weaknesses. Critical Security Fixes in Firefox 140 The highlight of Firefox 140 is the resolution of…
-
Chrome Releases Security Patch for 11 Code Execution Vulnerabilities
The Chrome team has announced the rollout of a critical security update for its popular web browser, Chrome, addressing 11 code execution vulnerabilities that could potentially put millions of users at risk. The update, Chrome 138.0.7204.49 for Linux and 138.0.7204.49/50 for Windows and Mac, is now being distributed through the stable channel and will reach…
-
Google Plans to Remove Chrome’s Tab Scrolling Feature
Google has decided to deprecate the “Tab Scrolling” feature in its Chrome browser, marking the end of a tool that many users relied on to manage large numbers of open tabs. This feature, previously accessible through a Chrome flag, allowed users to scroll horizontally through their open tabs, preventing them from being compressed into an…
-
DNS-Sperren umgehen Firefox im Juni 2025
DNS-Sperren umgehen beim Firefox. So richtest du DNS über HTTPS ein, schützt deine Privatsphäre und surfst zensurfrei. Stand Juni 2025. First seen on tarnkappe.info Jump to article: tarnkappe.info/tutorials/dns-sperren-umgehen-firefox-im-juni-2025-317053.html
-
âš¡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More
Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t seem urgent”, until they are. What if your environment is already being tested, just not in ways you expected?Some of the most dangerous moves are hidden in plain sight. It’s worth asking: what patterns are…
-
Microsoft blockiert Google Chrome mittels Schutzfunktion
Seit Anfang Juni können einige Windows-Nutzer Google Chrome nicht mehr verwenden. Schuld daran ist eine Schutzfunktion für Minderjährige. First seen on golem.de Jump to article: www.golem.de/news/windows-schutzfunktion-von-microsoft-blockiert-google-chrome-2506-197357.html
-
Microsoft Family Safety Now Blocking All Versions of Google Chrome
In a development that has left students, parents, and educators frustrated, Microsoft’s Family Safety feature is now blocking all versions of Google Chrome from launching on Windows devices. The issue, which first surfaced in early June, has persisted for over two weeks without an official fix or comment from Microsoft, raising concerns about both digital…
-
DNS-Sperren umgehen bei Brave und Google Chrome im Handumdrehen
Wer unbeschwert surfen und dabei alle Einschränkungen durch Websperren umgehen will, bekommt für Google Chrome und Brave nun eine Anleitung. First seen on tarnkappe.info Jump to article: tarnkappe.info/tutorials/dns-sperren-umgehen-bei-brave-und-google-chrome-im-handumdrehen-316914.html
-
Google Chrome Zero-Day CVE-2025-2783 Exploited by TaxOff to Deploy Trinper Backdoor
A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper.The attack, observed in mid-March 2025 by Positive Technologies, involved the use of a sandbox escape vulnerability tracked as CVE-2025-2783 (CVSS score: 8.3).Google addressed the flaw later that month after Kaspersky…
-
How bot detection misfires on non-mainstream browsers and privacy tools
Every time there’s a Hacker News thread about bots, bot detection, or CAPTCHAs, a familiar complaint shows up: people using VPNs, ad blockers, Firefox forks, or privacy tools get bombarded with CAPTCHAs or blocked entirely. It feels like modern anti-bot systems are punishing users just for trying to First seen on securityboulevard.com Jump to article:…