Security news aggregator

Latest coverage for Chrome

Stay updated with the latest Chrome security features, vulnerabilities, and updates to safeguard your information online.

14 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Chrome is a web browser that processes and displays web content, executing complex web applications through its rendering engine and JavaScript runtime. Its architecture includes sandboxing techniques to isolate web pages and extensions, limiting their ability to affect the underlying system. Chrome’s extension framework allows third-party add-ons, which can introduce security risks if they request excessive permissions or contain malicious code.

Security concerns focus on vulnerabilities in Chrome’s engine or sandbox that could enable remote code execution or privilege escalation. Malicious or compromised extensions may access sensitive data or inject harmful scripts, making permission management critical. Timely patching of browser updates and monitoring for zero-day exploits are essential to maintain security, while features like site isolation help contain attacks originating from compromised web content or extensions. Understanding these aspects is key for protecting users from browser-based threats.

Volume over time

Weekly headline count for the current query.

Showing 14 most recent headlines Filtered view
Bank Info Security 6 months, 1 week ago

Breach Roundup: Firewalls Headed for Obsolescence

Also, Sedgwick Confirms Breach, Romanian Power Firm Hit, D-Link Flaws ExploitedThis week, Moody's said firewalls will be obsolete, Romanian critical infrastructure hacked, Sedgwick breach and a D-Link DSL flaw. Finland seized the Fitburg. Microsoft said Direct Send not to blame for Exchange phishing. Malicious Chrome extensions, European hotels targeted and health breaches.

Bank Info Security 6 months, 1 week ago

Breach Roundup: Firewalls Headed for Obsolesce

Also, Sedgwick Confirms Breach, Romanian Power Firm Hit, D-Link Flaws ExploitedThis week, Moody's said firewalls will be obsolete, Romanian critical infrastructure hacked, Sedgwick breach and a D-Link DSL flaw. Finland seized the Fitburg. Microsoft said Direct Send not to blame for Exchange phishing. Malicious Chrome extensions, European hotels targeted and health breaches.

Bank Info Security 6 months, 3 weeks ago

Urban VPN Proxy Spies on AI Chatbot Conversations

Browser Tools Capture Chatbot Data, Sell to Data Broker: Koi SecurityA browser extension promising a free clientless VPN for Chrome users has been harvesting conversations from artificial intelligence chatbot platforms and selling the data to third-party brokers. The data collection operates independently of the VPN functionality itself.

Bank Info Security 7 months, 1 week ago

23andMe to Get $16.5M in Unused Cyber Insurance

Bankrupt Firm Plans to Use the Settlement Money to Pay Off Cyber ClaimsAs part of its ongoing Chapter 11 bankruptcy proceedings, 23andMe Holding Co. - now named Chrome Holding - has reached a settlement with its cyber insurers for the carriers to buy back $16.5 million of the consumer genetics testing firm's unused cyber policy. What will the company do with the funds?

Also: Spain Defies Pressure to Eject Huawei, Hackers Leak North Korea Kimsuky DataThis week, Norway said Russian hackers attacked a flood gate, Spain defied pressure to eject Huawei, a cyberattack against the Office of the Pennsylvania Attorney General. Hackers leaked stolen North Korean Kimsuky data, Microsoft patched a Kerberos zero-day and a big Chrome bug bounty.

Bank Info Security 11 months, 3 weeks ago

Chrome's AI Challenger Has Landed: Meet Comet

Perplexity's Comet Blends Familiarity With Agentic AI to Reshape the WebPerplexity, the fast-rising AI search engine startup backed by the likes of Nvidia and Jeff Bezos, is riding on a cosmic high with the launch of Comet - a full-featured AI-native web browser that claims to "browse at the speed of thought."

Bank Info Security 1 year, 3 months ago

Breach Roundup: Signal Is Safe

Also: FamousSparrow Is Back, Snowflake Hacker Agrees to ExtraditionThis week, Signal update, FamousSparrow is back, suspected Snowflake hacker agreed to U.S. extradition, train tickets sales hack in Ukraine, a patched Chrome zero-day, phishing targets SEO pros, DrayTek router outage, South African chicken producer attacked, and bad npm packages.

Bank Info Security 1 year, 6 months ago

36 Chrome Extensions Compromised in Supply Chain Attack

Developers Listed as Public Contact Points Targeted in Phishing CampaignA supply chain attack that subverted legitimate Google Chrome browser extensions to inject data-stealing malware is more widespread than security researchers first suspected. So far researchers have identified 36 subverted extensions collectively used by 2.6 million people.

Users of Cyberhaven's Data-Loss Prevention Chrome Extension Among Those TargetedMultiple Chrome browser extensions have been hacked, allowing attackers to steal the data they handle, security experts have warned. Subverted extensions include a data-loss tool built by cybersecurity startup Cyberhaven, which said attackers appeared to be targeting Facebook Ads accounts.

Bank Info Security 1 year, 9 months ago

Octo2 Malware Masquerades as Popular Apps

Android Poses as NordVPN, Google Chrome in EuropeA new version of the Octo Android malware is spreading across Europe, posing as legitimate apps such as NordVPN and Google Chrome. The latest iteration includes advanced anti-detection mechanisms and a domain generation algorithm for command-and-control communication.

Bank Info Security 1 year, 10 months ago

Cryptohack Roundup: Investors Sue Binance

Also: Malicious Chrome Extension; Mango Markets-SEC SettlementThis week, Binance, ASX and Google sued; Solana users targeted; McDonalds' X account hacked; Mango Markets and SEC settled; China updated AML law; sentencing in the HTSB case; arrest in the BitConnect case; Australia shuttered 615 scams; Malaysia adopted Worldcoin, arrested crypto thieves.

Bank Info Security 2 years, 2 months ago

Breach Roundup: Kimsuky Serves Linux Trojan

Also: Turla Targets European Missions and Google Patches Chrome Zero-DaysThis week, hackers used a Linus backdoor and a Microsoft client management tool; Santander Bank, the Helsinki Education Division, an Australian energy provider and auction house Christie's were breached; hackers targeted European missions in the Middle East; and Google patched a zero-day flaw.

Bank Info Security 2 years, 3 months ago

Google to Delete Incognito Search Data to Seal Lawsuit Deal

Proposed Lawsuit Settlement Doesn't Require Tech Giant to Pay DamagesGoogle says it will delete web browsing data generated by 136 million individuals who used the tech giant's Chrome browser in Incognito mode as part of a proposed settlement ending a class action lawsuit alleging the tech giant had misled consumers about privacy protections.

Bank Info Security 2 years, 6 months ago

Chrome Patches First Zero-Day of 2024 Exploited in the Wild

Google Fixes Out-of-Bounds Memory Access Flaw, Microsoft Edge Browser Also AffectedGoogle released an urgent fix for the first zero-day vulnerability of the year in its Chrome web browser, warning the bug is under active exploitation. Google blamed an out-of-bounds memory access flaw in its V8 JavaScript rendering engine. It also affects Microsoft Edge browser.