Security News

ClearFake, a recently documented threat leveraging compromised WordPress sites to push malicious fake browser updates, is likely operated by the threat group behind the SocGholish "Malware delivery via fake browser updates" campaigns, Sekoia researchers have concluded. Subsequently downloaded payloads create an iframe element to host the fake update interface, download that interface, and the fake update content and HTML page.

Recent versions of the TorBrowser, specifically because of the updated tor. Microsoft stated, "We've reviewed the submitted files and have determined that they do not fit our definitions of malware or unwanted applications. As such, we've removed the detection."

The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and...

An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the Python-based NodeStealer and potentially take over their accounts for follow-on malicious activities. First documented by Meta in May 2023, NodeStealer originated as a JavaScript malware capable of pilfering cookies and passwords from web browsers to compromise Facebook, Gmail, and Outlook accounts.

Zero-Day Security Vulnerability Found in Chrome, Firefox and Other Browsers Updates are now available to patch a Chrome vulnerability that would allow attackers to run malicious code. It's time to update Google Chrome, Mozilla's Firefox or Thunderbird, Microsoft Edge, the Brave browser or Tor Browser; web development news site StackDiary has reported a zero-day vulnerability in all six browsers that could allow threat actors to execute malicious code.

Microsoft will soon allow users in the European Union, as well as from Iceland, Liechtenstein, and Norway, to once again open all links in Windows using their default web browser rather than forcing the use of Microsoft Edge. As the company said when it released Windows 11 Insider Preview Build 23531 to the Dev Channel on Friday, links in Windows systems apps will no longer open using Microsoft Edge, ignoring the users' browser of choice.

Pricing Is Arc available for Windows, Mac, Linux, Android and iOS? Key features of the Arc browser Arc's pros Arc's cons Alternatives to the Arc browser Review methodology Pricing. Not only has The Browser Company invested in a modern design, but Arc has a wide range of features for advanced and nonadvanced users.

A group of experts have recognized the pressing need for comprehensive browser security solutions and collaborated to develop "The Definitive Browser Security RFP Template." This resource helps streamline the process of evaluating and procuring browser security platforms. The RFP template offers numerous advantages for organizations seeking robust browser security solutions.

Google's plans to introduce the Web Environment Integrity API on Chrome has been met with fierce backlash from internet software developers, drawing criticism for limiting user freedom and undermining the core principles of the open web. Google says this is not a privacy risk as it does not enable cross-site user tracking and won't interfere with browser or plugins/extensions functionality.

The extension enabled threat actors to monitor browser history, take screenshots, and inject malicious scripts that targeted cryptocurrency exchanges. Multiple malicious extensions target user installations, leading to a real danger of data exfiltration and system compromise.