Tag: chrome
-
Rilide Malware Poses as Browser Extension to Steal Login Credentials from Chrome and Edge Users
Rilide, a sophisticated malware, has been masquerading as a legitimate browser extension to steal sensitive information from users of Chromium-based browsers like Google Chrome and Microsoft Edge. First identified in April 2023, this malware is designed to capture screenshots, log passwords, and collect credentials for cryptocurrency wallets. It often disguises itself as a Google Drive…
-
Advanced Malware Targets Cryptocurrency Wallets
More attacks targeting cryptocurrency users. Microsoft has identified a new Remote Access Trojan, named StilachiRAT, that has sophisticated capabilities to remain stealthy and persistent so it can harvest crypto wallet credentials via web browsers. The malware targets many widely used cryptocurrency wallet browser extensions: 1. Bitget Wallet (Formerly BitKeep) 2. Trust Wallet 3. TronLink…
-
New phishing campaign uses scareware to steal Apple credentials
The campaign previously targeted Windows users: According to LayerX researchers, the campaign has been seen targeting Mac users only in the last few months. Initially, it targeted Windows users by masquerading as Microsoft security alerts.Designed to steal user credentials, threat actors have apparently shifted focus to Mac users owing to new security features being rolled…
-
Critical Chrome Vulnerability Allows Attackers to Execute Arbitrary Code
Google has recently rolled out a critical security update for its Chrome browser, addressing vulnerabilities that could potentially allow attackers to execute arbitrary code. This update is part of a broader effort to ensure user safety in an increasingly threat-ridden digital landscape. The latest version, 134.0.6998.117/.118, is being rolled out across Windows, Mac, and Linux…
-
In Other News: Critical Chrome Bug, Capital One Hacker Resententencing, Story of Expat Flaw
Noteworthy stories that might have slipped under the radar: Capital One hacker’s sentence reversed, Google patches critical Chrome vulnerability, the story of an Expat flaw. The post In Other News: Critical Chrome Bug, Capital One Hacker Resententencing, Story of Expat Flaw appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/in-other-news-critical-chrome-bug-capital-one-hacker-resententencing-story-of-expat-flaw/
-
Google warnt: Kritische Sicherheitslücke in Chrome gefährdet Nutzer
Viele Details nennt Google zu der Chrome-Lücke nicht, eine Schadcodeausführung ist aber nicht auszuschließen. Angriffe gelingen aus der Ferne. First seen on golem.de Jump to article: www.golem.de/news/google-warnt-kritische-sicherheitsluecke-in-chrome-gefaehrdet-nutzer-2503-194497.html
-
How to detect Headless Chrome bots instrumented with Playwright?
Headless Chrome bots powered by Playwright have become a go-to tool for bot developers due to their flexibility and efficiency. Playwright’s cross-browser capabilities, coupled with an API similar to Puppeteer and the lightweight nature of Headless Chrome, make it a powerful choice for tasks like web scraping, credential First seen on securityboulevard.com Jump to article:…
-
Microsoft identifies new RAT targeting cryptocurrency wallets and more
A previously unreported remote access trojan that Microsoft researchers dubbed StilachiRAT is designed to steal a wide range of data, including information about cryptocurrency wallet extensions for Google’s Chrome browser. First seen on therecord.media Jump to article: therecord.media/stilachirat-new-remote-access-trojan-crypto-wallets
-
Security Researcher Proves GenAI Tools Can Develop Google Chrome Infostealers
A Cato Networks researcher discovered a new LLM jailbreaking technique enabling the creation of password-stealing malware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/security-researcher-llm/
-
StilachiRAT Exploits Chrome for Crypto Wallets and Credentials
StilachiRAT: Sophisticated malware targets crypto wallets credentials. Undetected, it maps systems steals data. Microsoft advises strong security measures. First seen on hackread.com Jump to article: hackread.com/stilachirat-exploits-chrome-crypto-wallets-credentials/
-
How to detect Headless Chrome bots instrumented with Puppeteer?
Headless Chrome bots powered by Puppeteer are a popular choice among bot developers. The Puppeteer API’s ease of use, combined with the lightweight nature of Headless Chrome, makes it a preferred tool over its full-browser counterpart. It is commonly used for web scraping, credential stuffing attacks, and the First seen on securityboulevard.com Jump to article:…
-
Latest Chrome Update Addresses Multiple High-Risk Security Issues
Google has released a critical update for its Chrome browser, advancing the stable channel to version 134.0.6998.88 for Windows, Mac, and Linux, and 134.0.6998.89 for Windows and Mac on the Extended Stable channel. This update includes several high-priority security fixes to safeguard users against potential threats. The rollout will occur over the coming days and…
-
Cloudflare’s bot bouncer blocks weirdo browsers
Not on Firefox or a Chrome derivative? You shall not pass First seen on theregister.com Jump to article: www.theregister.com/2025/03/04/cloudflare_blocking_niche_browsers/
-
Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities
Chrome 134 and Firefox 136 are rolling out across desktop and mobile with patches for multiple high-severity vulnerabilities. The post Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chrome-134-firefox-136-patch-high-severity-vulnerabilities/
-
Chrome 134 Launches with Patches for 14 Crash-Inducing Vulnerabilities
Google has rolled out Chrome 134 to the stable channel for Windows, macOS, and Linux, addressing14 security vulnerabilities”, including high-severity flaws that could enable remote code execution or crashes. The update, version 134.0.6998.35 for Linux, 134.0.6998.35/36 for Windows, and 134.0.6998.44/45 for macOS, follows weeks of testing and includes critical fixes for vulnerabilities in components like…
-
Google Cuts Off uBlock Origin on Chrome as Firefox Stands Firm on Ad Blockers
The problem started with Manifest V3, Chrome’s new extension specification, which is supposed to improve privacy. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/chrome-extension-firefox-ublock-origin/
-
Firefox continues Manifest V2 support as Chrome disables MV2 ad-blockers
Mozilla has renewed its promise to continue supporting Manifest V2 extensions alongside Manifest V3, giving users the freedom to use the extensions they want in their browser. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/firefox-continues-manifest-v2-support-as-chrome-disables-mv2-ad-blockers/
-
Widespread Chrome Malware: 16 Extensions Infect Over 3.2 Million Users
A recent cybersecurity investigation has uncovered a cluster of 16 malicious Chrome extensions that have compromised at least 3.2 million users. These extensions, which include functionalities like screen capture, ad blocking, and emoji keyboards, were found to inject code into browsers, facilitating advertising and search engine optimization fraud. The threat actor behind this campaign is…
-
Google Chrome disables uBlock Origin for some in Manifest v3 rollout
Google continues its rollout of gradually disabling uBlock Origin and other Manifest V2-based extensions in the Chrome web browser as part of its efforts to push users to Manifest V3-based extensions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-chrome-disables-ublock-origin-for-some-in-manifest-v3-rollout/
-
Snake Keylogger Targets Chrome, Edge, and Firefox Users in New Attack Campaign
A new variant of the Snake Keylogger, also known as 404 Keylogger, has been detected targeting users of popular web browsers such as Google Chrome, Microsoft Edge, and Mozilla Firefox. FortiGuard Labs identified this threat using FortiSandbox v5.0 (FSAv5), a cutting-edge malware detection platform powered by advanced artificial intelligence (AI) and machine learning. This malicious…
-
Chrome 133, Firefox 135 Updates Patch High-Severity Vulnerabilities
Google and Mozilla resolve high-severity memory safety vulnerabilities with the latest Chrome and Firefox security updates. The post Chrome 133, Firefox 135 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chrome-133-firefox-135-updates-patch-high-severity-vulnerabilities/
-
Chrome Buffer Overflow Flaws Let Hackers Execute Arbitrary Code Gain System Access
Google has rolled out an urgent security update for its Chrome browser, patching three vulnerabilities”, including two critical heap buffer overflow flaws”, that could enable attackers to execute arbitrary code and seize control of affected systems. The update (version 133.0.6943.126/.127 for Windows/Mac and 133.0.6943.126 for Linux) follows the discovery of exploits in Chrome’s V8 JavaScript…
-
Highly Obfuscated .NET sectopRAT Mimic as Chrome Extension
SectopRAT, also known as Arechclient2, is a sophisticated Remote Access Trojan (RAT) developed using the .NET framework. This malware is notorious for its advanced obfuscation techniques, making it challenging to analyze and detect. Recently, cybersecurity researchers uncovered a new campaign where sectopRAT disguises itself as a legitimate Google Chrome extension named >>Google Docs,
-
XCSSET macOS malware reappears with new attack strategies, Microsoft sounds alarm
Xcode developers targeted through infected projects: Microsoft reported that XCSSET continues to spread via compromised Xcode projects, a technique that has been in use since the malware’s discovery in 2020. Once an infected project is cloned or downloaded, the malware can embed itself within the developer’s system and further propagate when the infected code is…
-
Safe Browsing: KI-Feature in Google Chrome ab sofort verfügbar
Das Surfen mit Chrome soll sicherer werden. Dabei spielt KI die zentrale Rolle. Der Schutz ist standardmäßig aber nicht aktiv. First seen on heise.de Jump to article: www.heise.de/news/Google-Chrome-KI-Schutz-vor-Phishing-Websites-Co-ab-sofort-aktivierbar-10284604.html
-
Google Chrome Introduces AI to Block Malicious Websites and Downloads
Google has taken a significant step in enhancing internet safety by integrating artificial intelligence (AI) into its >>Safe Browsing
-
Google Chrome’s AI-powered security feature rolls out to everyone
Google Chrome has updated the existing “Enhanced protection” feature with AI to offer “real-time” protection against dangerous websites, downloads and extensions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-chromes-ai-powered-security-feature-rolls-out-to-everyone/
-
Google Pays Out $55,000 Bug Bounty for Chrome Vulnerability
Google has released a Chrome 133 update to address four high-severity vulnerabilities reported by external researchers. The post Google Pays Out $55,000 Bug Bounty for Chrome Vulnerability appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/google-pays-out-55000-bug-bounty-for-chrome-vulnerability/
-
Google Chrome’s Safe Browsing Now Protects 1 Billion Users Worldwide
Google’s Safe Browsing technology now ensures enhanced protection for over 1 billion Chrome users worldwide. Launched in 2005, Safe Browsing is a robust system designed to safeguard users from phishing, malware, scams, and other cyber threats. By leveraging advanced artificial intelligence (AI) and machine learning, this cutting-edge technology has become a cornerstone of web security,…