Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability
An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript code
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript code
Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild
Google fixed a new Chrome zero-day, tracked as CVE-2026-11645, in the V8 JavaScript engine, which is already being exploited in the wild. Google released emergency updates to address a new Chrome zero-day vulnerability, tracked as CVE-2026-11645, that has been exploited in the wild. This flaw is the fifth Chrome zero-day that is being exploited in […]
Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background even when the browser is closed, allowing remote code execution on the device. [...]
Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware
Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. [...]
Cybersecurity researchers have discovered a new campaign in which a cluster of 108 Google Chrome extensions has been found to communicate with the same command-and-control (C2) infrastructure with the goal of collecting user data and enabling browser-level abuse by injecting ads and arbitrary JavaScript code into every web page visited
Skia graphics lib and V8 JavaScript engine brings browser's tally of actively exploited bugs to three in 2026 Google has pushed out an emergency Chrome update to fix two previously unknown vulnerabilities that attackers were already exploiting before the patches landed.…
Who hasn't exploited this max-severity flaw? At least five more Chinese spy crews, Iran-linked goons, and financially motivated criminals are now attacking the React2Shell, a maximum-severity flaw in the widely used React JavaScript library, according to Google.…
Google on Monday released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild
Google on Wednesday released security updates for the Chrome web browser to address four vulnerabilities, including one that it said has been exploited in the wild
Google has released security updates to address a vulnerability in its Chrome browser for which an exploit exists in the wild
Google on Monday released out-of-band fixes to address three security issues in its Chrome browser, including one that it said has come under active exploitation in the wild
Google has revealed that a security flaw that was patched as part of a software update rolled out last week to its Chrome browser has come under active exploitation in the wild
Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it said has come under active exploitation in the wild
Google has taken steps to block ads for e-commerce sites that use the Polyfill.io service after a Chinese company acquired the domain and modified the JavaScript library ("polyfill.js") to redirect users to malicious and scam sites."Protecting our users is our top priority. We detected a security issue recently that may affect websites using certain third-party libraries," the company said in a
Google on Thursday rolled out fixes to address a high-severity security flaw in its Chrome browser that it said has been exploited in the wild
Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been exploited in the wild
Google on Monday shipped emergency fixes to address a new zero-day flaw in the Chrome web browser that has come under active exploitation in the wild
Google Fixes Out-of-Bounds Memory Access Flaw, Microsoft Edge Browser Also AffectedGoogle released an urgent fix for the first zero-day vulnerability of the year in its Chrome web browser, warning the bug is under active exploitation. Google blamed an out-of-bounds memory access flaw in its V8 JavaScript rendering engine. It also affects Microsoft Edge browser.