Tag: browser
-
Speicherfehler – Google stopft 3 kritische Sicherheitslücken in Chrome
First seen on security-insider.de Jump to article: www.security-insider.de/chrome-stable-update-schliesst-10-sicherheitsluecken-3-kritisch-a-35022bbfb9c477115fe2413efd80f286/
-
Chrome-Erweiterungen können Nutzer ausforschen
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/chrome-browser-erweiterungen-ausforschung-nutzer-daten
-
March Patch Tuesday: Three high severity holes in Microsoft Office
aadsshlogin package. Systems with the extension already installed have packages.microsoft.com configured automatically, so no additional setup is required.”The cloud ecosystem doesn’t really handle patching well,” Reguly said. “It’s a relatively immature process, and the way that Microsoft handles these products really demonstrates that. The CVE impacting Azure Linux Virtual Machines (CVE-2026-23665) or the multiple CVEs…
-
Malicious Chrome Extension Targets imToken Wallet Users
A fake Chrome extension impersonating imToken redirects users to phishing pages to steal crypto wallet keys. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/malicious-chrome-extension-targets-imtoken-wallet-users/
-
Sicherheitsanalyse mit KI – Anthropics Opus 4.6 findet 22 Sicherheitslücken in Firefox
Innerhalb von zwei Wochen hat Claude Opus 4.6 ganze 22 CVE-Sicherheitslücken im Firefox-Browser entdeckt. First seen on computerbase.de Jump to article: www.computerbase.de/news/apps/sicherheitsanalyse-mit-ki-anthropics-opus-4-6-findet-22-sicherheitsluecken-in-firefox.96461
-
Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer, offering attackers a way to push malware to downstream customers, inject arbitrary code, and harvest sensitive data.The extensions in question, both originally associated with a developer named “akshayanuonline@gmail.com” (BuildMelon), are listed below -QuickLens – Search Screen with First…
-
Anthropic Claude Opus AI model discovers 22 Firefox bugs
Anthropic used Claude Opus 4.6 to identify 22 Firefox vulnerabilities, most of which were high severity, all of which were fixed in Firefox 148, released in January 2026. Anthropic discovered 22 security vulnerabilities in Firefox using its Claude Opus 4.6 AI model in January 2026. Mozilla addressed these issues in Firefox 148. The researchers state…
-
Fake AI Extensions Breached Chat Histories in 20,000+ Enterprise Tenants
Microsoft has issued an alert after uncovering a wave of malicious Chromium-based browser extensions masquerading as legitimate AI assistant tools. The extensions, available on the Chrome Web Store and compatible with both Google Chrome and Microsoft Edge, secretly collected private browser data and AI chat content. Microsoft found that stolen data included full URLs, internal site…
-
Mit CVEs: KI findet 100 Firefox-Lücken in zwei Wochen
Anthropics Claude hat in einem internen Test mehr als 100 Sicherheitslücken im Firefox-Browser aufgedeckt. Mozilla reagiert mit verstärktem KI-Einsatz. First seen on golem.de Jump to article: www.golem.de/news/mit-cves-ki-findet-100-firefox-luecken-in-zwei-wochen-2603-206226.html
-
Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
Anthropic on Friday said it discovered 22 new security vulnerabilities in the Firefox web browser as part of a security partnership with Mozilla.Of these, 14 have been classified as high, seven have been classified as moderate, and one has been rated low in severity. The issues were addressed in Firefox 148, released late last month.…
-
Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
Anthropic on Friday said it discovered 22 new security vulnerabilities in the Firefox web browser as part of a security partnership with Mozilla.Of these, 14 have been classified as high, seven have been classified as moderate, and one has been rated low in severity. The issues were addressed in Firefox 148, released late last month.…
-
Malicious Browser Add”‘on Targets imToken Users’ Private Keys
Socket’s Threat Research Team has uncovered a highly deceptive Google Chrome extension designed to steal private keys and seed phrases from cryptocurrency users. The malicious add-on, named >>lmΤoken Chromophore<< (extension ID bbhaganppipihlhjgaaeeeefbaoihcgi), disguises itself as a harmless hex color visualizer for developers and digital artists. However, its true purpose is to impersonate the widely used…
-
Claude AI Exposes 22 Firefox Vulnerabilities in Just Two Weeks
Artificial intelligence has officially entered the realm of advanced vulnerability research, moving beyond simple code assistance to autonomous threat hunting. This highly accelerated discovery rate outpaces traditional manual research, with the AI uncovering more vulnerabilities in one month than human researchers reported in any single month of 2025. Fourteen of these discoveries were classified as…
-
The Chrome Extension Backdoor: How ‘Productivity Tools’ Became Enterprise Attack Vectors
Millions installed ‘productivity’ Chrome extensions that became malware after acquisition. Here’s how browser extensions became enterprise security’s weakest link. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-chrome-extension-backdoor-how-productivity-tools-became-enterprise-attack-vectors/
-
Firefox taps Anthropic AI bug hunter, but rancid RAM still flipping bits
Now if only device makers would deliver higher quality components First seen on theregister.com Jump to article: www.theregister.com/2026/03/06/firefox_bugs_anthropic_ai/
-
Anthropic’s Claude found 22 vulnerabilities in Firefox over two weeks
In a recent security partnership with Mozilla, Anthropic found 22 separate vulnerabilities in Firefox, 14 of them classified as “high-severity.” First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/06/anthropics-claude-found-22-vulnerabilities-in-firefox-over-two-weeks/
-
Google Rolls Out Emergency Chrome Update to Patch 10 Critical Security Vulnerabilities
Google released an urgent security update for its Chrome browser to address 10 vulnerabilities. Deployed on March 3, 2026, this stable channel update fixes three critical flaws and seven high-severity issues. The emergency patch protects users from potential exploits that could allow attackers to execute arbitrary code or compromise affected systems. The Chrome update is…
-
Google Rolls Out Emergency Chrome Update to Patch 10 Critical Security Vulnerabilities
Google released an urgent security update for its Chrome browser to address 10 vulnerabilities. Deployed on March 3, 2026, this stable channel update fixes three critical flaws and seven high-severity issues. The emergency patch protects users from potential exploits that could allow attackers to execute arbitrary code or compromise affected systems. The Chrome update is…
-
Google speeds up Chrome updates with new security-focused release cycle
The Chrome browser is moving to a two-week release cycle, a change intended to give developers and users faster access to new features, performance improvements and bug fixes. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/04/google-chrome-two-week-release-cycle/
-
Google speeds up Chrome updates with new security-focused release cycle
The Chrome browser is moving to a two-week release cycle, a change intended to give developers and users faster access to new features, performance improvements and bug fixes. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/04/google-chrome-two-week-release-cycle/
-
Google speeds up Chrome updates with new security-focused release cycle
The Chrome browser is moving to a two-week release cycle, a change intended to give developers and users faster access to new features, performance improvements and bug fixes. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/04/google-chrome-two-week-release-cycle/
-
Google feels the need for security speed, so will ship Chrome updates every two weeks
Retains eight-weekly Extended Stable releases but warns fortnightly updates are the best way to stay safe First seen on theregister.com Jump to article: www.theregister.com/2026/03/04/google_speeds_chrome_release_cadence/
-
Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets
A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases. The post Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-compromised-chrome-extension-malware-crypto-theft/
-
Google Chrome shifts to two-week release cycle for increased stability
Google Chrome will shift from a four-week to a two-week release cycle to roll out new features, bug fixes, and performance improvements more frequently. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-chrome-shifts-to-two-week-release-cycle-for-increased-stability/
-
Chrome flaw let extensions hijack Gemini’s camera, mic, and file access
Researchers found a now-patched vulnerability in “Live in Chrome” that allowed a Chrome extension to inherit Gemini’s permissions. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/chrome-flaw-let-extensions-hijack-geminis-camera-mic-and-file-access/
-
Chrome Gemini panel became privilege escalator for rogue extensions
High-severity flaw let malicious add-ons access system via browser’s embedded AI feature First seen on theregister.com Jump to article: www.theregister.com/2026/03/03/google_chrome_bug_gemini/
-
Chrome security flaw enabled spying via Gemini Live assistant
A Google Chrome vulnerability lets malicious extensions hijack Gemini Live to spy on users and steal sensitive files. Researchers at Palo Alto Networks found a Chrome vulnerability, tracked as CVE-2026-0628, that could let malicious extensions take control of the Gemini Live AI assistant. By abusing the flaw, attackers could spy on users and exfiltrate sensitive…
-
Google Chrome Introduces Merkle Tree Certificates to Protect HTTPS from Quantum Attacks
Google Chrome’s Secure Web and Networking Team has unveiled a new initiative aimed at defending HTTPS traffic against emerging quantum computing threats. This development, rooted in the Internet Engineering Task Force’s (IETF) >>PKI, Logs, And Tree Signatures<< (PLANTS) working group, introduces Merkle Tree Certificates (MTCs) as a quantum-safe evolution for the web ecosystem. Quantum computers…