Tag: chrome
-
SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac, iPad Silicon
It’s another cousin of Spectre, here to read your email, browsing history, and more First seen on theregister.com Jump to article: www.theregister.com/2025/01/29/flop_and_slap_attacks_apple_silicon/
-
Google to kill Chrome Sync on older Chrome browser versions
by
in SecurityNewsGoogle announced that the Chrome Sync feature will be discontinued in early 2025 for Chrome versions older than four years. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-to-kill-chrome-sync-on-older-chrome-browser-versions/
-
Chrome Security Update Patch for 3 High-Severity Vulnerabilities
by
in SecurityNewsGoogle has released a critical update for the Chrome browser, addressing three high-severity security vulnerabilities. This patch, part of the latest Stable channel release, ensures users remain protected from potential threats. The new version rolled out progressively, underscores Chrome’s commitment to providing a secure browsing environment. Users are urged to update their browsers promptly to…
-
Google launches customizable Web Store for Enterprise extensions
by
in SecurityNewsGoogle has officially launched its Chrome Web Store for Enterprises, allowing organizations to create a curated list of extensions that can be installed in employees’ web browsers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-launches-customizable-web-store-for-enterprise-extensions/
-
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
by
in SecurityNewsA sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users. The attack, which unfolded in December 2024, involved phishing campaigns aimed at extension developers and the injection of malicious code into legitimate Chrome extensions. Sensitive user data, including API keys, session cookies, and authentication tokens…
-
Supply chain attack hits Chrome extensions, could expose millions
by
in SecurityNewsThreat actor exploited phishing and OAuth abuse to inject malicious code First seen on theregister.com Jump to article: www.theregister.com/2025/01/22/supply_chain_attack_chrome_extension/
-
Spooks of the internet came alive this Halloween
by
in SecurityNewsHalloween 2024 made history with a massive spike in distributed denial of service (DDoS) attacks, with one particular assault reaching over 5 Terabits-per-second (Tbps) worth of phony traffic.In its quarterly analysis of DDoS attacks, Cloudflare reported a surge in hyper-volumetric attacks in the fourth quarter of 2024.”In the fourth quarter, over 420 of those attacks…
-
Kompromittierte Chrome-Extensions als Gefahr
by
in SecurityNewsIch stelle mal ein nicht mehr so ganz neues Problem hier im Beitrag zur Diskussion. Manche Leute verwenden ja recht heftig sogenannte Browser-Extensions. Die bieten Zusatzfunktionen, setzen Nutzer aber der Gefahr aus, dass plötzlich Schadfunktionen über kompromittierte Extensions in den … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/01/22/kompromittierte-chrome-extensions-als-gefahr/
-
Weaponized VS Code Impersonate Zoom App Steals Cookies From Chrome
by
in SecurityNewsA newly identified extension for Visual Studio Code (VS Code) has been found to impersonate a legitimate Zoom application, enabling cybercriminals to steal sensitive cookies from Google Chrome. This incident marks a significant escalation in the tactics employed by malicious actors to exploit trusted software ecosystems. The Discovery The nefarious extension, uploaded to the VS…
-
Chrome 132 Patches 16 Vulnerabilities
by
in SecurityNewsGoogle has released Chrome 132 with fixes for 16 vulnerabilities, including multiple high-severity security defects. The post Chrome 132 Patches 16 Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chrome-132-patches-16-vulnerabilities/
-
Chrome Security Update Patch For 16 Vulnerabilities
by
in SecurityNewsGoogle has released a significant security update for its Chrome browser, addressing 16 vulnerabilities in version 132.0.6834.83/84 for Windows, Mac, and Linux platforms. This update, which will be rolled out over the coming days and weeks. While this security update includes several critical fixes and improvements to enhance the security of the web browser. The…
-
Hotel chain ditches Google search for DuckDuckGo, ‘subjected to fraud attempts daily’
by
in SecurityNews
Tags: apple, attack, authentication, browser, chrome, cloud, control, cybercrime, cybersecurity, data-breach, fraud, google, jobs, malware, mfa, monitoring, phishing, privacy, ransomware, risk, scam, service, tool, windowsAt the end of 2021, Nordic Choice Hotels, now renamed Strawberry, was hit by a major ransomware attack that paralyzed operations for just over a week. Everything had to be done manually, says Martin Belak, who is responsible for the hotel chain’s technical security.”The receptionists worked with whiteboards to keep track of which rooms were…
-
Malware targets Mac users by using Apple’s security tool
by
in SecurityNewsA variant of the Banshee macOS infostealer was seen duping detection systems with new string encryption copied from Apple’s in-house algorithm.A Check Point research, which caught the variant after two months of successful evasion, said threat actors distributed Banshee using phishing websites and fake GitHub repositories, often impersonating popular software like Google Chrome, Telegram, and…
-
Zugriff auf interne Systeme: Forscher hackt Facebook und erhält 100.000 US-Dollar
by
in SecurityNewsDurch eine Sicherheitslücke im Chrome-Browser konnte ein Forscher einen Server von Facebook infiltrieren. Meta zahlte ihm eine üppige Belohnung. First seen on golem.de Jump to article: www.golem.de/news/zugriff-auf-interne-systeme-forscher-hackt-facebook-und-erhaelt-100-000-us-dollar-2501-192305.html
-
Here’s how hucksters are manipulating Google to promote shady Chrome extensions
by
in SecurityNewsHow do you stash 18,000 keywords into a description? Turns out it’s easy. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/01/googles-chrome-web-store-has-a-serious-spam-problem-promoting-shady-extensions/
-
Chrome Security Update Patch for Multiple Security Vulnerabilities
by
in SecurityNewsGoogle has released an update for its Chrome web browser, advancing to version 131.0.6778.264/.265 for Windows and Mac, and 131.0.6778.264 for Linux. This update addresses a series of critical security vulnerabilities and will be rolled out gradually over the coming days and weeks. Users are encouraged to update their browsers to benefit from these vital…
-
Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities
by
in SecurityNewsChrome and Firefox updates released this week resolve high-severity vulnerabilities in the two popular browsers. The post Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/chrome-131-firefox-134-updates-patch-high-severity-vulnerabilities/
-
Webbrowser: Chrome- und Firefox-Updates stopfen teils hochriskante Lücken
by
in SecurityNewsNeue Versionen von Google Chrome und Mozilla Firefox schließen Sicherheitslücken in den Webbrowsern. Einige gelten als hochriskant. First seen on heise.de Jump to article: www.heise.de/news/Webbrowser-Chrome-und-Firefox-Updates-stopfen-teils-hochriskante-Luecken-10231176.html
-
Böse Weihnachtsüberraschung: Hacker übernehmen Chrome-Erweiterungen
by
in SecurityNewsFirst seen on t3n.de Jump to article: t3n.de/news/boese-weihnachtsueberraschung-hacker-uebernehmen-chrome-erweiterungen-1665791/
-
Malicious EditThisCookie Extension Attacking Chrome Users to Steal Data
by
in SecurityNewsThe popular cookie management extension EditThisCookie has been the target of a malicious impersonation. Originally a trusted tool for Chrome users, EditThisCookie allowed users to manage cookie data in their browsers. However, after significant scrutiny, the legitimate version has been removed from the Chrome Web Store, leaving users vulnerable to a fake extension that has…
-
Privacy Roundup: Week 1 of Year 2025
by
in SecurityNews
Tags: access, ai, android, apple, authentication, botnet, breach, browser, business, captcha, chrome, compliance, cve, cybersecurity, data, data-breach, detection, email, encryption, exploit, finance, firmware, flaw, google, group, hacker, healthcare, HIPAA, infrastructure, injection, Internet, law, leak, login, malware, open-source, password, phishing, privacy, router, service, software, threat, tool, update, virus, vulnerabilityThis is a news item roundup of privacy or privacy-related news items for 29 DEC 2024 – 4 JAN 2024. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things overlap; for…
-
Google Chrome is making it easier to share specific parts of long PDFs
by
in SecurityNewsGoogle is adding the Text Fragment feature to its PDF reader to make it easier to share specific parts of long PDFs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-chrome-is-making-it-easier-to-share-specific-parts-of-long-pdfs/
-
36 Chrome Extensions Compromised in Supply Chain Attack
by
in SecurityNewsDevelopers Listed as Public Contact Points Targeted in Phishing Campaign. A supply chain attack that subverted legitimate Google Chrome browser extensions to inject data-stealing malware is more widespread than security researchers first suspected. So far researchers have identified 36 subverted extensions collectively used by 2.6 million people. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/36-chrome-extensions-compromised-in-supply-chain-attack-a-27207
-
Schädliche Versionen von zahlreichen Chrome-Erweiterungen in Umlauf
by
in SecurityNewsÜber die Weihnachtstage verschafften sich die Täter Zugriff auf diverse Chrome-Extensions in einigen Fällen sogar schon deutlich früher. First seen on heise.de Jump to article: www.heise.de/news/Nach-Phishing-Angriff-Schaedliche-Erweiterungen-in-Chrome-Web-Store-geschleust-10224745.html
-
LegionLoader Abusing Chrome Extensions To Deliver Infostealer Malware
LegionLoader, a C/C++ downloader malware, first seen in 2019, delivers payloads like malicious Chrome extensions, which can manipulate emails, track browsing, and even transform infected browsers into proxies for attackers, enabling them to browse the web with the victim’s credentials. It has been observed distributing various stealers through Chrome extensions since August 2024, including LummaC2,…
-
Chrome Extension Compromises Highlight Software Supply Challenges
by
in SecurityNewsThe Christmas Eve compromise of data-security firm Cyberhaven’s Chrome extension spotlights the challenges in shoring up third-party software supply chains. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/chrome-extension-compromises-highlight-software-supply-challenges
-
Dozens of Chrome extensions hacked in threat campaign
by
in SecurityNewsAlthough data security vendor Cyberhaven disclosed that its Chrome extension was compromised on Dec. 24, additional research suggests the broader campaign could be months older. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366617636/Dozens-of-Chrome-extensions-hacked-in-threat-campaign
-
Time to check if you ran any of these 33 malicious Chrome extensions
by
in SecurityNewsTwo separate campaigns have been stealing credentials and browsing history for months. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/01/dozens-of-backdoored-chrome-extensions-discovered-on-2-6-million-devices/