Security news aggregator

Latest coverage for Web Browser

Web browsers process untrusted web content, making flaws, malicious extensions, and stolen session data important cybersecurity concerns.

2 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

A web browser is software that retrieves and displays websites and web applications, while executing code such as JavaScript and storing data including cookies, credentials, and browsing history. Its security boundary includes the browser interface, rendering engine, networking components, extensions, and connections to operating-system resources.

Browsers are exposed to malicious or compromised websites, phishing pages, drive-by exploitation of browser vulnerabilities, and abusive extensions. A successful exploit may escape browser isolation or access site data, while stolen cookies can enable account use without the password. Important defenses include prompt browser and extension updates, sandboxing and site isolation, phishing protection, carefully controlled permissions, and HTTPS (which protects data in transit but does not make a site trustworthy). Organizations may also manage versions, extensions, and configuration centrally, and use browser telemetry during vulnerability management or investigations.

Showing 2 most recent headlines Filtered view
Krebs on Security 7 months, 3 weeks ago

Mozilla Says It’s Finally Done With Two-Faced Onerep

In March 2024, Mozilla said it was winding down its collaboration with Onerep -- an identity protection service offered with the Firefox web browser that promises to remove users from hundreds of people-search sites -- after KrebsOnSecurity revealed Onerep's founder had created dozens of people-search services and was continuing to operate at least one of them. Sixteen months later, however, Mozilla is still promoting Onerep. This week, Mozilla announced their partnership with Onerep will officially end next month.