Tag: browser
-
LinkedIn secretly scans for 6,000+ Chrome extensions, collects data
A new report dubbed “BrowserGate” warns that Microsoft’s LinkedIn is using hidden JavaScript scripts on its website to scan visitors’ browsers for installed extensions and collect device data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/linkedin-secretly-scans-for-6-000-plus-chrome-extensions-collects-data/
-
LinkedIn secretely scans for 6,000+ Chrome extensions, collects data
A new report dubbed “BrowserGate” warns that Microsoft’s LinkedIn is using hidden JavaScript scripts on its website to scan visitors’ browsers for installed extensions and collect device data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/linkedin-secretely-scans-for-6-000-plus-chrome-extensions-collects-data/
-
Fake ChatGPT Ad Blocker Chrome Extension Caught Spying on Users
A fake Chrome browser extension called ‘ChatGPT Ad Blocker’ was harvesting conversations of ChatGPT users in the name of offering an ad-free experience. First seen on hackread.com Jump to article: hackread.com/fake-chatgpt-ad-blocker-chrome-extension-spy-users/
-
Malicious Chrome Extension >>ChatGPT Ad Blocker<< Targets Users, Steals Conversations
Security researchers have uncovered a malicious Google Chrome extension named >>ChatGPT Ad Blocker<>ChatGPT Ad Blocker<< Targets Users, Steals Conversations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform. First seen on gbhackers.com Jump to article: gbhackers.com/malicious-chrome-extension-targets-chatgpt-users/
-
Patch Now: Chrome Flaw Under Active Attack, Google Confirms
Google patches 21 Chrome vulnerabilities, including an actively exploited zero-day flaw that could enable code execution and full device compromise. The post Patch Now: Chrome Flaw Under Active Attack, Google Confirms appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-chrome-zero-day-cve-2026-5281-active-exploit/
-
Storm Infostealer Sold as Service, Targets Browsers, Wallets and Accounts
New research from Varonis Threat Labs reveals Storm infostealer, a malicious subscription service that bypasses Google Chrome encryption…. First seen on hackread.com Jump to article: hackread.com/storm-infostealer-sold-as-service-browsers-wallets/
-
CISA Issues Alert on Chrome Zero-Day Under Active Exploitation
Tags: browser, chrome, cisa, cve, cyber, cybersecurity, exploit, flaw, google, hacker, infrastructure, kev, vulnerability, zero-dayThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical zero-day vulnerability affecting Google Chrome and other Chromium-based web browsers. Officially tracked as CVE-2026-5281, this security flaw has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog because hackers are actively exploiting it in real-world attacks. The vulnerability originates…
-
New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation, Patch Released
Google on Thursday released security updates for its Chrome web browser to address 21 vulnerabilities, including a zero-day flaw that it said has been exploited in the wild.The high-severity vulnerability, CVE-2026-5281 (CVSS score: N/A), concerns a use-after-free bug in Dawn, an open-source and cross-platform implementation of the WebGPU standard.”Use-after-free in Dawn in Google Chrome prior…
-
Google Warns of New Chrome Zero-Day Under Active Exploitation Users Urged to Update Immediately
Google has released an urgent security update for its Chrome desktop browser to address 21 vulnerabilities, including a critical zero-day flaw that is actively being exploited in the wild. Users are strongly urged to update their browsers immediately to version 146.0.7680.177/.178 for Windows and Mac, or 146.0.7680.177 for Linux . Active Zero-Day Threat The most…
-
Google Chrome Update Fixes 21 Flaws, Warns of Actively Exploited Vulnerability
Google has released a Stable Channel Update for Chrome, addressing 21 security vulnerabilities, including a high-profile code smuggling vulnerability that is actively being exploited in the wild. The update rolled out on Wednesday night. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/chrome-stable-channel-update-security/
-
Google fixes Chrome zero-day with in-the-wild exploit (CVE-2026-5281)
Google has fixed 21 vulnerabilities affecting its popular Chrome browser, among them a zero-day (CVE-2026-5281) with an in-the-wild exploit. About CVE-2026-5281 As per usual, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/01/google-chrome-zero-day-cve-2026-5281/
-
Google fixes fourth Chrome zero-day exploited in attacks in 2026
Google has fixed the fourth Chrome vulnerability exploited in zero-day attacks since the start of the year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-fixes-fourth-chrome-zero-day-exploited-in-attacks-in-2026/
-
Schadcode per Klick: Attackierte Chrome-Lücke gefährdet Millionen von Nutzern
In Google Chrome klafft eine Sicherheitslücke, mit der sich per Webseitenaufruf Schadcode einschleusen lässt. Angreifer nutzen das bereits aus. First seen on golem.de Jump to article: www.golem.de/news/schadcode-per-klick-attackierte-chrome-luecke-gefaehrdet-millionen-von-nutzern-2604-207143.html
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 90
Tags: attack, browser, chrome, cyber, docker, government, international, iran, malware, software, supply-chainSecurity Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape New Malware Targets Users of Cobra DocGuard Software Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets Trivy Supply Chain Attack Expands to Compromised Docker Images VoidStealer: Debugging Chrome to Steal…
-
Google Issues High-Risk Security Patch for 3.5 Billion Chrome Users: What You Need to Know
Google patches eight high-severity Chrome vulnerabilities affecting 3.5 billion users. Here’s why you should update and relaunch your browser now. The post Google Issues High-Risk Security Patch for 3.5 Billion Chrome Users: What You Need to Know appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-chrome-update-8-vulnerabilities-3-5-billion-users/
-
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
Cybersecurity researchers have disclosed a vulnerability in Anthropic’s Claude Google Chrome Extension that could have been exploited to trigger malicious prompts simply by visiting a web page.The flaw “allowed any website to silently inject prompts into that assistant as if the user wrote them,” Koi Security researcher Oren Yomtov said in a report shared with…
-
Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website
Cybersecurity researchers have disclosed a vulnerability in Anthropic’s Claude Google Chrome Extension that could have been exploited to trigger malicious prompts simply by visiting a web page.The flaw “allowed any website to silently inject prompts into that assistant as if the user wrote them,” Koi Security researcher Oren Yomtov said in a report shared with…
-
GlassWorm Malware Uses Solana Dead Drops to Deliver RAT and Steal Browser, Crypto Data
Cybersecurity researchers have flagged a new evolution of the GlassWorm campaign that delivers a multi-stage framework capable of comprehensive data theft and installing a remote access trojan (RAT), which deploys an information-stealing Google Chrome extension masquerading as an offline version of Google Docs.”It logs keystrokes, dumps cookies and session tokens, captures screenshots, and First seen…
-
Quelloffener EClient – Thunderbird 149 und ein Update für 140.9 ESR verfügbar
Beim Browser Firefox 149 gibt es diesen Monat eine große Neuigkeit, der E-Mail-Client Thunderbird 149 geht es da gemächlicher an. First seen on computerbase.de Jump to article: www.computerbase.de/news/apps/quelloffener-e-mai-client-thunderbird-149-und-ein-update-fuer-140-9-esr-verfuegbar.96680
-
Mozilla Releases Firefox”¯149.0 With Free Built”‘In VPN Offering 50″¯GB Monthly Data
Mozilla released Firefox 149.0 to the Release channel, bringing a significant set of privacy and security enhancements to the browser. The standout feature of this update is the integration of a free, built-in VPN designed to protect users on public networks and secure sensitive browsing activities. The new built-in VPN routes web traffic through a…
-
Experts Sound Alarm Over “Prompt Poaching” Browser Extensions
Expel has warned of malicious Chrome extensions stealing users’ AI conversations First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/experts-prompt-poaching-browser/
-
Experts Sound Alarm Over “Prompt Poaching” Browser Extensions
Expel has warned of malicious Chrome extensions stealing users’ AI conversations First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/experts-prompt-poaching-browser/
-
50 GB Datenvolumen inklusive – Kostenloser VPN ab sofort direkt in Firefox 149 verfügbar
Mit Firefox 149 zieht ein kostenloser VPN-Dienst von Mozilla in den Browser ein ohne extra Installation und mit 50 GB/Monat Datenvolumen. First seen on computerbase.de Jump to article: www.computerbase.de/news/apps/50-gb-datenvolumen-inklusive-kostenloser-vpn-ab-sofort-direkt-in-firefox-149-verfuegbar.96674
-
Firefox now has a free built-in VPN with 50GB monthly data limit
Mozilla released Firefox 149 with added privacy protection through a built-in VPN tool offering up to 50GB of monthly traffic. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/firefox-now-has-a-free-built-in-vpn-with-50gb-monthly-data-limit/
-
Firefox now has a free built-in VPN with 50GB monthly data limit
Mozilla released Firefox 149 with added privacy protection through a built-in VPN tool offering up to 50GB of monthly traffic. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/firefox-now-has-a-free-built-in-vpn-with-50gb-monthly-data-limit/
-
Chrome Security Update Fixes 8 Vulnerabilities That Could Enable Remote Code Execution
Google has released a crucial security update for its Chrome browser, addressing eight high-severity vulnerabilities. Users are strongly advised to update their browsers immediately to protect their systems from potential remote code execution attacks. The stable channel update rolls out versions 146.0.7680.164 and 146.0.7680.165 for Windows and Mac users, while Linux users will receive version…
-
Chrome ABE bypass discovered: New VoidStealer malware steals passwords and cookies
Malware with many tricks: VoidStealer is part of a broader shift in how infostealers are evolving post-ABE. The malware already supports multiple bypass techniques, falling back to older injection-based methods if needed, but clearly prioritizing stealth where possible.Krejsa also warned of its development pace. Since first appearing in December 2025, the malware has evolved quickly…
-
VoidStealer Steals Chrome Secrets Without Injection or Privilege Escalation
A new variant of the MaaS infostealer VoidStealer has become the first malware observed in the wild to weaponize a debugger”‘based bypass for Google Chrome’s Application”‘Bound Encryption (ABE), using hardware breakpoints to steal Chrome’s v20_master_key directly from browser memory. Unlike previous ABE bypasses, this method requires neither SYSTEM”‘level privilege escalation nor code injection into the…
-
VoidStealer malware steals Chrome master key via debugger trick
An information stealer called VoidStealer uses a new approach to bypass Chrome’s Application-Bound Encryption (ABE) and extract the master key for decrypting sensitive data stored in the browser. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/voidstealer-malware-steals-chrome-master-key-via-debugger-trick/