Chrome Archives

Malware & Threats

Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User Data

With more than 37 million combined downloads, the extensions expose users to tracking and personal information theft.

Ionut ArghireFebruary 14, 2026

Vulnerabilities

Chrome 145 Patches 11 Vulnerabilities

Three of the security defects are high-severity flaws, two of which were found and reported by Google.

Ionut ArghireFebruary 13, 2026

Artificial Intelligence

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

Marketed as ChatGPT enhancement and productivity tools, the extensions allow the threat actor to access the victim's ChatGPT data.

Ionut ArghireJanuary 27, 2026

Vulnerabilities

Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities

The two browser updates resolve 26 security defects, including bugs that could be exploited for code execution.

Ionut ArghireJanuary 14, 2026

Malware & Threats

Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats

Impersonating a legitimate extension from AITOPIA, the two malicious extensions were also exfiltrating users’ browser activity.

Ionut ArghireJanuary 7, 2026

Vulnerabilities

Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw

Apple has released macOS and iOS updates to patch two WebKit zero-days exploited in an “extremely sophisticated” attack.

Eduard KovacsDecember 15, 2025

Vulnerabilities

Google Patches Mysterious Chrome Zero-Day Exploited in the Wild

The Chrome zero-day does not have a CVE and it's unclear who reported it and which browser component it affects.

Eduard KovacsDecember 11, 2025

Artificial Intelligence

Google Fortifies Chrome Agentic AI Against Indirect Prompt Injection Attacks

Chrome’s new agentic browsing protections include user alignment critic, expanded origin-isolation capabilities, and user confirmations.

Ionut ArghireDecember 8, 2025

Vulnerabilities

Chrome 143 Patches High-Severity Vulnerabilities

Chrome 143 stable was released with patches for 13 vulnerabilities, including a high-severity flaw in the V8 JavaScript engine.

Ionut ArghireDecember 3, 2025

Malware & Threats

Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors

The extensions were seen profiling users, reading cookie data to create unique identifiers, and executing payloads with browser API access.

Ionut ArghireDecember 2, 2025

Vulnerabilities

Chrome 142 Update Patches Exploited Zero-Day

The flaw was reported by Google's Threat Analysis Group and was likely exploited by a commercial spyware vendor.

Ionut ArghireNovember 18, 2025

Vulnerabilities

Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases

Google and Mozilla have released fresh Chrome and Firefox updates that address multiple high-severity security defects.

Ionut ArghireNovember 13, 2025

Vulnerabilities

Chrome 142 Update Patches High-Severity Flaws

An out-of-bounds write flaw in WebGPU tracked as CVE-2025-12725 could be exploited for remote code execution.

Ionut ArghireNovember 7, 2025

Vulnerabilities

Google Pays $100,000 in Rewards for Two Chrome Vulnerabilities

The two bugs are high-severity type confusion and inappropriate implementation issues in the browser’s V8 JavaScript engine.

Ionut ArghireNovember 3, 2025

Data Protection

Chrome to Turn HTTPS on by Default for Public Sites

Starting October 2026, the browser will ask users if they want to access public websites that do not use secure connections.

Ionut ArghireOctober 29, 2025

Vulnerabilities

Chrome Zero-Day Exploitation Linked to Hacking Team Spyware

The threat actor behind Operation ForumTroll used the same toolset typically employed in Dante spyware attacks.

Ionut ArghireOctober 27, 2025

Vulnerabilities

Chrome 141 and Firefox 143 Patches Fix High-Severity Vulnerabilities

High-severity flaws were patched in Chrome’s WebGPU and Video components, and in Firefox’s Graphics and JavaScript Engine components.

Ionut ArghireOctober 3, 2025

Vulnerabilities

Chrome 140 Update Patches Sixth Zero-Day of 2025

An exploited type confusion in the V8 JavaScript engine tracked as CVE-2025-10585 was found by Google Threat Analysis Group this week.

Ionut ArghireSeptember 18, 2025

Vulnerabilities

Critical Chrome Vulnerability Earns Researcher $43,000

Google patched a critical use-after-free vulnerability in Chrome that could potentially lead to code execution.

Ionut ArghireSeptember 11, 2025

Vulnerabilities

Google Patches High-Severity Chrome Vulnerability in Latest Update

Chrome's latest release addresses a high-severity use-after-free vulnerability in the V8 JavaScript engine that could be exploited for remote code execution.

Ionut ArghireSeptember 3, 2025

SECURITYWEEK NETWORK:

ICS:

All posts tagged "Chrome"

Malware & Threats

Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User Data

Vulnerabilities

Chrome 145 Patches 11 Vulnerabilities

Artificial Intelligence

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

Vulnerabilities

Chrome 144, Firefox 147 Patch High-Severity Vulnerabilities

Malware & Threats

Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats

Vulnerabilities

Apple Patches Two Zero-Days Tied to Mysterious Exploited Chrome Flaw

Vulnerabilities

Google Patches Mysterious Chrome Zero-Day Exploited in the Wild

Artificial Intelligence

Google Fortifies Chrome Agentic AI Against Indirect Prompt Injection Attacks

Vulnerabilities

Chrome 143 Patches High-Severity Vulnerabilities

Malware & Threats

Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors

Vulnerabilities

Chrome 142 Update Patches Exploited Zero-Day

Vulnerabilities

Firefox 145 and Chrome 142 Patch High-Severity Flaws in Latest Releases

Vulnerabilities

Chrome 142 Update Patches High-Severity Flaws

Vulnerabilities

Google Pays $100,000 in Rewards for Two Chrome Vulnerabilities

Data Protection

Chrome to Turn HTTPS on by Default for Public Sites

Vulnerabilities

Chrome Zero-Day Exploitation Linked to Hacking Team Spyware

Vulnerabilities

Chrome 141 and Firefox 143 Patches Fix High-Severity Vulnerabilities

Vulnerabilities

Chrome 140 Update Patches Sixth Zero-Day of 2025

Vulnerabilities

Critical Chrome Vulnerability Earns Researcher $43,000

Vulnerabilities

Google Patches High-Severity Chrome Vulnerability in Latest Update

Featured

Vulnerabilities

Splunk Enterprise Vulnerability Exploited in Attacks Days After Disclosure

Funding/M&A

Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push

Data Breaches

Kodak Admits Data Breach After ShinyHunters Hack Claims

Vulnerabilities

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day

Vulnerabilities

3 Recently Patched Fortinet FortiSandbox Vulnerabilities in Hacker Crosshairs

Hacker Conversations

Hacker Conversations: Isira Adithya, the Evolution of an Ethical Hacker

Artificial Intelligence

AI and Cybersecurity – Everything You Wanted to Know, But Were Afraid to Ask

Latest News

Funding/M&A

Cisco to Acquire WideField Security to Boost Splunk’s Agentic SOC

Malware & Threats

15,000 WordPress Websites Cleaned Up in SocGholish Botnet Takedown

Vulnerabilities

Majority of Internet-Accessible REDCap Servers Outdated

Funding/M&A

Accenture to Acquire Majority Stake in Dragos, All of runZero, NetRise in $4.1 Billion OT Cybersecurity Push

Vulnerabilities

No Exploits Required

Cybersecurity Funding

Dream Raises $260 Million at $3 Billion Valuation

Vulnerabilities

Atlassian, Splunk Patch Critical Vulnerabilities

Daily Briefing Newsletter