9 articles tagged with "Browser Security"
A Chromium bug reported in 2022 that turns browsers into silent botnets was accidentally exposed on Google's issue tracker. No patch exists despite 'fixed' status.
Google's May 2026 Chrome update addresses 79 security issues with 14 rated critical. Memory corruption bugs dominate—update immediately to version 148.0.7778.167.
New Storm infostealer bypasses Chrome's App-Bound Encryption by shipping encrypted credentials to attacker infrastructure for decryption. Endpoint tools can't detect it.
LayerX researchers found that custom font rendering can hide malicious prompts from ChatGPT, Claude, Gemini, and other AI assistants while displaying them to users.
CVE-2026-2441 is a high-severity CSS use-after-free in Chrome being exploited in the wild. Update to version 145.0.7632.75 immediately.
Mozilla patches six high-severity flaws in Firefox 147 and ESR releases. Multiple sandbox escape vulnerabilities could enable arbitrary code execution.
Five malicious extensions masquerading as HR tools steal authentication tokens, block security panels, and enable account takeover through cookie injection.
Two rogue browser extensions masquerading as AI tools exfiltrated complete conversation histories from ChatGPT and DeepSeek to attacker-controlled servers every 30 minutes.
CVE-2026-0628 allowed malicious extensions to inject scripts into privileged pages through insufficient policy enforcement. Update to Chrome 143.0.7499.192.