Tag: chrome
-
Chrome Privacy Concerns Rise as Expert Warns of Fingerprinting Risks
A privacy expert warns Chrome still allows browser fingerprinting and tracking, raising concerns after Google’s shift away from third-party cookie changes. The post Chrome Privacy Concerns Rise as Expert Warns of Fingerprinting Risks appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-chrome-browser-fingerprinting-privacy-concerns/
-
Fake TikTok Downloaders on Chrome and Edge Spying on 130,000 Users
Over 130,000 users are at risk from fake TikTok downloader extensions on Chrome and Microsoft Edge. Researchers discovered these malicious tools use device fingerprinting to spy on users and steal sensitive browser data. First seen on hackread.com Jump to article: hackread.com/fake-tiktok-downloaders-chrome-edge-spy-users/
-
AI Model Claude Opus turns bugs into exploits for just $2,283
Claude Opus created a working Chrome exploit for $2,283, showing that widely available AI models can already find and weaponize vulnerabilities. Claude Opus managed to produce a functional Chrome exploit for just $2,283, raising concerns about how easily AI can be used to find and exploit vulnerabilities. Below is the cost of the experiment: Model…
-
Researcher Claims Claude Opus Enabled Creation of Working Chrome Exploit
A security researcher has shown that Anthropic’s Claude Opus can help build a working browser exploit chain against Google Chrome’s V8 engine, raising fresh concerns about how quickly AI can speed up offensive security work. The experiment was published by Mohan Pedhapati, also known as s1r1us, CTO of Hacktron, and it arrived just days after…
-
Researcher Claims Claude Opus Enabled Creation of Working Chrome Exploit
A security researcher has shown that Anthropic’s Claude Opus can help build a working browser exploit chain against Google Chrome’s V8 engine, raising fresh concerns about how quickly AI can speed up offensive security work. The experiment was published by Mohan Pedhapati, also known as s1r1us, CTO of Hacktron, and it arrived just days after…
-
Researcher Claims Claude Opus Enabled Creation of Working Chrome Exploit
A security researcher has shown that Anthropic’s Claude Opus can help build a working browser exploit chain against Google Chrome’s V8 engine, raising fresh concerns about how quickly AI can speed up offensive security work. The experiment was published by Mohan Pedhapati, also known as s1r1us, CTO of Hacktron, and it arrived just days after…
-
Für 2.300 US-Dollar: Forscher entlockt Claude gefährlichen Chrome-Exploit
Ein Forscher hat mit Claude Opus in rund 20 Stunden eine funktionierende Exploit-Kette für Chrome entwickelt. Mythos braucht es dafür gar nicht. First seen on golem.de Jump to article: www.golem.de/news/fuer-2-300-us-dollar-forscher-entlockt-claude-gefaehrlichen-chrome-exploit-2604-207706.html
-
Claude Opus wrote a Chrome exploit for $2,283
Pause your Mythos panic because mainstream models anyone can use already pick holes in popular software First seen on theregister.com Jump to article: www.theregister.com/2026/04/17/claude_opus_wrote_chrome_exploit/
-
Über 100 bösartige Erweiterungen im Chrome Web Store entdeckt
Insgesamt 108 Erweiterungen wurden als Teil einer großangelegten Spionage-Kampagne im Chrome Web Store identifiziert, die es gezielt auf Telegram-Sitzungen und Google-Identitäten abgesehen hat. Trotz der Warnungen sind viele der gefährlichen Tools noch immer für Nutzer zugänglich. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/chrome-web-store
-
108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users
Cybersecurity researchers have revealed that 108 malicious Google Chrome extensions have been quietly stealing user credentials, hijacking Telegram sessions, and injecting unwanted ads and scripts into browsers – all reporting back to the same central point. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/malicious-chrome-extensions-steal-google-telegram-data
-
Google Chrome lacks protection against one of the most basic and common ways to track users online
Browser fingerprinting is everywhere First seen on theregister.com Jump to article: www.theregister.com/2026/04/16/google_chrome_lacks_browser_fingerprinting/
-
Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft
Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, backdoors, and ad injection. The post Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-malicious-chrome-extensions-data-theft/
-
Chrome Privacy Vulnerability Exposes Users via Fingerprinting and Header Leaks
A new technical review of Google Chrome’s privacy posture shows that modern tracking no longer depends only on cookies, because websites can combine browser fingerprinting, storage tricks, and HTTP header leaks to identify users with surprising accuracy. Chrome has reduced some obvious signals, but many high-value surfaces such as canvas rendering, WebGL, audio processing, Client…
-
Over 100 Chrome Web Store extensions steal user accounts, data
More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, deploy backdoors, and carry out ad fraud. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-100-chrome-extensions-in-web-store-target-users-accounts-and-data/
-
Over 100 Chrome extensions in Web Store target users accounts and data
More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, deploy backdoors, and carry out ad fraud. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-100-chrome-extensions-in-web-store-target-users-accounts-and-data/
-
Malicious Chrome Extensions Campaign Exposes User Data
108 malicious Chrome extensions steal sessions, Google data, inject ads via single C2 infrastructure First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chrome-extensions-expose-user-data/
-
108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users
Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome extensions has been found to communicate with the same command-and-control (C2) infrastructure with the goal of collecting user data and enabling browser-level abuse by injecting ads and arbitrary JavaScript code into every web page visited.According to Socket, the extensions are…
-
Google Chrome Update Disrupts Infostealer Cookie Theft
Google adds Device Bound Session Credentials (DBSC) to Chrome 146, using hardware keys to block infostealer use of stolen session cookies on Windows. First seen on hackread.com Jump to article: hackread.com/google-chrome-update-infostealer-cookie-theft/
-
Google Locks Chrome Sessions to Devices to Stop Cookie Theft
Google has officially launched a major security upgrade to protect users from session hijacking. Starting with Chrome version 146 for Windows users, Device Bound Session Credentials (DBSC) is now publicly available. This new feature aims to stop malware from stealing web cookies and using them to bypass passwords and multi-factor authentication. Support for macOS users…
-
Breaking the Patch Sound Barrier: Your Vulnerability Remediation Will Not Keep Up With AI Exploit”¦
Breaking the Patch Sound Barrier: Your Vulnerability Remediation Will Not Keep Up With AI Exploit Speed. So? Many years ago while at Gartner, I wrote a blog post where I defined the concept of the “Patch Sound Barrier.” (original via Archive if you don’t believe that I was that smart back in 2013 🙂) This was an…
-
Google Chrome Rolls Out Protection Against Infostealers Targeting Session Cookies
Chrome’s Device Bound Session Credentials is designed to block infostealers from harvesting session cookie First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/google-chrome-protection/
-
Google Chrome Rolls Out Protection Against Infostealers Targeting Session Cookies
Chrome’s Device Bound Session Credentials is designed to block infostealers from harvesting session cookie First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/google-chrome-protection/
-
To counter cookie theft, Chrome ships device-bound session credentials
Cookie theft follows a well-established pattern. Infostealer malware infiltrates a device, extracts authentication cookies, and exfiltrates them to an attacker-controlled … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/10/google-chrome-device-bound-session-credentials/
-
Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
Google has made Device Bound Session Credentials (DBSC) generally available to all Windows users of its Chrome web browser, months after it began testing the security feature in open beta.The public availability is currently limited to Windows users on Chrome 146, with macOS expansion planned in an upcoming Chrome release.”This project represents a significant First…
-
Cloudflare ‘actively adjusting’ quantum priorities in wake of Google warning
Tags: android, attack, awareness, browser, chrome, ciso, communications, compliance, computer, computing, crypto, cryptography, cybersecurity, data, encryption, google, government, group, Hardware, infrastructure, Internet, ml, mobile, regulation, risk, service, strategy, technology, threat, vulnerabilityNational Institute of Standards and Technology (NIST) has set a 2030 deadline for depreciating legacy encryption algorithms ahead of their planned retirement in 2035.Late last month Google brought forward its own post-quantum cryptography (PQC) deadline a year to 2029 because advances in quantum computers mean that legacy encryption and digital signature systems are at greater…
-
Google Chrome adds infostealer protection against session cookie theft
Google has rolled out Device Bound Session Credentials (DBSC) protection in Chrome 146 for Windows, designed to block info-stealing malware from harvesting session cookies. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-chrome-adds-infostealer-protection-against-session-cookie-theft/
-
Critical Chrome Flaws Let Attackers Execute Arbitrary Code
Google has released an urgent security update for its Chrome browser, resolving multiple dangerous vulnerabilities. The Chrome team promoted version 147 to the stable channel for Windows, Mac, and Linux users on April 7, 2026. This major release patches flaws that could allow attackers to execute arbitrary code and take full control of affected systems.…
-
âš¡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More
This week had real hits. The key software got tampered with. Active bugs showed up in the tools people use every day. Some attacks didn’t even need much effort because the path was already there.One weak spot now spreads wider than before. What starts small can reach a lot of systems fast. New bugs, faster…
-
Google Brings Lazy Loading to Media Files in New Chrome Release
Google has announced a significant update for its Chrome browser, extending native lazy loading capabilities to audio and video elements. This highly anticipated feature aims to improve web performance, drastically save bandwidth, and offer subtle security benefits by controlling when media resources connect to external servers. Expanding the Lazy Loading Attribute Web developers have long…
-
LinkedIn secretly scans for 6,000+ Chrome extensions, collects data
A new report dubbed “BrowserGate” warns that Microsoft’s LinkedIn is using hidden JavaScript scripts on its website to scan visitors’ browsers for installed extensions and collect device data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/linkedin-secretly-scans-for-6-000-plus-chrome-extensions-collects-data/