Tag: browser
-
Highly Obfuscated .NET sectopRAT Mimic as Chrome Extension
SectopRAT, also known as Arechclient2, is a sophisticated Remote Access Trojan (RAT) developed using the .NET framework. This malware is notorious for its advanced obfuscation techniques, making it challenging to analyze and detect. Recently, cybersecurity researchers uncovered a new campaign where sectopRAT disguises itself as a legitimate Google Chrome extension named >>Google Docs,
-
XCSSET macOS malware reappears with new attack strategies, Microsoft sounds alarm
Xcode developers targeted through infected projects: Microsoft reported that XCSSET continues to spread via compromised Xcode projects, a technique that has been in use since the malware’s discovery in 2020. Once an infected project is cloned or downloaded, the malware can embed itself within the developer’s system and further propagate when the infected code is…
-
Safe Browsing: KI-Feature in Google Chrome ab sofort verfügbar
Das Surfen mit Chrome soll sicherer werden. Dabei spielt KI die zentrale Rolle. Der Schutz ist standardmäßig aber nicht aktiv. First seen on heise.de Jump to article: www.heise.de/news/Google-Chrome-KI-Schutz-vor-Phishing-Websites-Co-ab-sofort-aktivierbar-10284604.html
-
Google Chrome Introduces AI to Block Malicious Websites and Downloads
Google has taken a significant step in enhancing internet safety by integrating artificial intelligence (AI) into its >>Safe Browsing
-
Google Chrome’s AI-powered security feature rolls out to everyone
Google Chrome has updated the existing “Enhanced protection” feature with AI to offer “real-time” protection against dangerous websites, downloads and extensions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-chromes-ai-powered-security-feature-rolls-out-to-everyone/
-
Google Pays Out $55,000 Bug Bounty for Chrome Vulnerability
Google has released a Chrome 133 update to address four high-severity vulnerabilities reported by external researchers. The post Google Pays Out $55,000 Bug Bounty for Chrome Vulnerability appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/google-pays-out-55000-bug-bounty-for-chrome-vulnerability/
-
Google Chrome’s Safe Browsing Now Protects 1 Billion Users Worldwide
Google’s Safe Browsing technology now ensures enhanced protection for over 1 billion Chrome users worldwide. Launched in 2005, Safe Browsing is a robust system designed to safeguard users from phishing, malware, scams, and other cyber threats. By leveraging advanced artificial intelligence (AI) and machine learning, this cutting-edge technology has become a cornerstone of web security,…
-
Privacy Roundup: Week 6 of Year 2025
Tags: access, ai, api, apple, backdoor, breach, browser, cctv, chrome, control, credit-card, cybersecurity, data, data-breach, encryption, exploit, firmware, framework, germany, government, group, leak, malware, monitoring, phishing, privacy, regulation, risk, router, scam, service, software, spy, technology, threat, tool, update, vpn, vulnerability, windowsThis is a news item roundup of privacy or privacy-related news items for 2 FEB 2025 – 8 FEB 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
How to Remove Your Saved Passwords in Chrome
Given Chrome’s frequent security issues, you shouldn’t be saving your passwords to Google’s browser. Learn how to delete and prevent passwords from re-syncing in Chrome. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/remove-saved-passwords-chrome/
-
CERT-In Warns of High-Severity Vulnerabilities in Mozilla Firefox and Thunderbird
The Indian Computer Emergency Response Team (CERT-In) has issued a vulnerability note (CIVN-2025-0016) highlighting a series of Mozilla vulnerability, including Firefox and Thunderbird. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/critical-vulnerabilities-in-mozilla-products/
-
Google’s 7-year slog to improve Chrome extensions still hasn’t satisfied developers
Makers of content blockers, privacy add-ons say promises weren’t kept First seen on theregister.com Jump to article: www.theregister.com/2025/02/07/google_chrome_extensions/
-
Flesh Stealer Malware Attacking Chrome, Firefox, and Edge Users to Steal Passwords
A newly identified malware, Flesh Stealer, is rapidly emerging as a significant cybersecurity threat in 2025. Designed to extract sensitive data such as passwords, cookies, and browsing history, the malware targets widely used browsers like Google Chrome, Mozilla Firefox, Microsoft Edge, and Opera. Additionally, it infiltrates messaging applications like Telegram and Signal to exfiltrate stored…
-
Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking
Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT.The malware, first detected in 2023, is attributed to a threat actor tracked as Silver Fox, with prior attack campaigns primarily targeting Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China.”This actor has increasingly targeted key roles…
-
MacOS Ferret operators add a deceptive bite to their malware family
The macOS Ferret family, variants of malware used by North Korean APTs for cyber espionage, has received a new member as samples of a detection-resistant variant, Flexible-Ferret, appear in the wild.The discovery of the samples was made by SentinelOne researchers who noted the variant’s capability to evade the recent XProtect signature update that Apple pushed…
-
Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities
Chrome 133 and Firefox 135 were released with patches for multiple high-severity memory safety vulnerabilities. The post Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chrome-133-firefox-135-patch-high-severity-vulnerabilities/
-
New ValleyRAT Malware Variant Spreading via Fake Chrome Downloads
Morphisec uncovers a new ValleyRAT malware variant with advanced evasion tactics, multi-stage infection chains, and novel delivery methods… First seen on hackread.com Jump to article: hackread.com/valleyrat-malware-variant-fake-chrome-downloads/
-
FleshStealer: A new Infostealer Attacking Chrome Mozilla Users
A newly identified strain of information-stealing malware, FleshStealer, is making headlines in 2025 due to its advanced evasion techniques and targeted data extraction capabilities. Flashpoint analysts have shed light on its operation, revealing a sophisticated tool that poses significant risk to organizations worldwide. Designed to bypass traditional defenses and target sensitive data, FleshStealer is emerging…
-
SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon
It’s another cousin of Spectre, here to read your email, browsing history, and more First seen on theregister.com Jump to article: www.theregister.com/2025/01/29/flop_and_slap_attacks_apple_silicon/
-
Google to kill Chrome Sync on older Chrome browser versions
Google announced that the Chrome Sync feature will be discontinued in early 2025 for Chrome versions older than four years. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-to-kill-chrome-sync-on-older-chrome-browser-versions/
-
Chrome Security Update Patch for 3 High-Severity Vulnerabilities
Google has released a critical update for the Chrome browser, addressing three high-severity security vulnerabilities. This patch, part of the latest Stable channel release, ensures users remain protected from potential threats. The new version rolled out progressively, underscores Chrome’s commitment to providing a secure browsing environment. Users are urged to update their browsers promptly to…
-
Google launches customizable Web Store for Enterprise extensions
Google has officially launched its Chrome Web Store for Enterprises, allowing organizations to create a curated list of extensions that can be installed in employees’ web browsers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-launches-customizable-web-store-for-enterprise-extensions/
-
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users. The attack, which unfolded in December 2024, involved phishing campaigns aimed at extension developers and the injection of malicious code into legitimate Chrome extensions. Sensitive user data, including API keys, session cookies, and authentication tokens…
-
Supply chain attack hits Chrome extensions, could expose millions
Threat actor exploited phishing and OAuth abuse to inject malicious code First seen on theregister.com Jump to article: www.theregister.com/2025/01/22/supply_chain_attack_chrome_extension/
-
Spooks of the internet came alive this Halloween
Halloween 2024 made history with a massive spike in distributed denial of service (DDoS) attacks, with one particular assault reaching over 5 Terabits-per-second (Tbps) worth of phony traffic.In its quarterly analysis of DDoS attacks, Cloudflare reported a surge in hyper-volumetric attacks in the fourth quarter of 2024.”In the fourth quarter, over 420 of those attacks…
-
Kompromittierte Chrome-Extensions als Gefahr
Ich stelle mal ein nicht mehr so ganz neues Problem hier im Beitrag zur Diskussion. Manche Leute verwenden ja recht heftig sogenannte Browser-Extensions. Die bieten Zusatzfunktionen, setzen Nutzer aber der Gefahr aus, dass plötzlich Schadfunktionen über kompromittierte Extensions in den … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/01/22/kompromittierte-chrome-extensions-als-gefahr/
-
Weaponized VS Code Impersonate Zoom App Steals Cookies From Chrome
A newly identified extension for Visual Studio Code (VS Code) has been found to impersonate a legitimate Zoom application, enabling cybercriminals to steal sensitive cookies from Google Chrome. This incident marks a significant escalation in the tactics employed by malicious actors to exploit trusted software ecosystems. The Discovery The nefarious extension, uploaded to the VS…
-
Critical Mozilla Vulnerabilities Prompt Urgent Updates for Firefox and Thunderbird Users
Mozilla Firefox and Thunderbird users are facing a series of high-severity vulnerabilities that could leave systems open to exploitation. The Indian Computer Emergency Response Team (CERT-In) issued an advisory on January 20, 2025, highlighting multiple security flaws in Mozilla’s popular browser and email client. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cert-in-reports-mozilla-vulnerabilities/
-
Chrome 132 Patches 16 Vulnerabilities
Google has released Chrome 132 with fixes for 16 vulnerabilities, including multiple high-severity security defects. The post Chrome 132 Patches 16 Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chrome-132-patches-16-vulnerabilities/
-
Chrome Security Update Patch For 16 Vulnerabilities
Google has released a significant security update for its Chrome browser, addressing 16 vulnerabilities in version 132.0.6834.83/84 for Windows, Mac, and Linux platforms. This update, which will be rolled out over the coming days and weeks. While this security update includes several critical fixes and improvements to enhance the security of the web browser. The…