More results...
Despite being present on virtually every employee’s browser, extensions are rarely monitored by security teams or controlled by IT, according to LayerX. Most extensions have access to sensitive data 99% of enterprise users have at least one extension i…
Slashdot reader king*jojo shared this article from The Register:
A 23-year-old side-channel attack for spying on people’s web browsing histories will get shut down in the forthcoming Chrome 136, released last Thursday to the Chrome beta channel. At le…
Cybersecurity experts have unearthed an intricate cyber campaign that leverages deceptive websites posing as the Google Play Store to distribute Android malware. These websites, hosted on newly registered domains, create a façade of credible applicatio…
Google has rolled out a critical update for its Chrome browser, addressing a high-severity vulnerability that could allow remote code execution. The flaw, identified as CVE-2025-3066, targets Chrome’s Site Isolation feature, underscoring the importance…
North Korean state-sponsored threat actors associated with the Lazarus Group have intensified their Contagious Interview campaign by deploying novel malicious npm packages leveraging hexadecimal string encoding to bypass detection mechanisms. These pac…
A newly discovered credit card skimming campaign, dubbed “RolandSkimmer,” is exploiting browser extensions to exfiltrate sensitive financial data. This advanced malware has been observed targeting users primarily in Bulgaria and operates ac…
Chrome 135 and Firefox 137 were released on Tuesday with fixes for several high-severity memory safety vulnerabilities.
The post Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
The Chrome extension Honey has lost over 4 million users after a viral video exposed it for hijacking affiliate codes and misleading users about finding the best coupon deals. 9to5Google reports: As we reported in early January, Honey had lost around 3…
Google’s fixing of CVE-2025-2783, a Chrome zero-day vulnerability exploited by state-sponsored attackers, has spurred Firefox developers to check whether the browser might have a similar flaw – and they found it. There’s currently no …
Firefox developers have determined that their browser is affected by a vulnerability similar to the recent Chrome sandbox escape zero-day.
The post Firefox Affected by Flaw Similar to Chrome Zero-Day Exploited in Russia appeared first on SecurityWeek.