Security News

⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More
2025-03-31 11:25

Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what...

Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot
2025-03-30 08:00

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft’s new AI agents take on phishing, patching, alert fatigue Microsoft is rolling out a new...

After Chrome patches zero-day used to target Russians, Firefox splats similar bug
2025-03-28 06:34

Single click on a phishing link in Google browser blew up sandbox on Windows Google pushed out an emergency patch for Chrome on Windows this week to stop attackers exploiting a sandbox-breaking...

Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability
2025-03-28 05:44

Mozilla has released updates to address a critical security flaw impacting its Firefox browser for Windows, merely days after Google patched a similar flaw in Chrome that came under active...

Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks
2025-03-26 11:10

Google has released out-of-band fixes to address a high-severity security flaw in its Chrome browser for Windows that has been exploited in the wild as part of attacks targeting organizations in...

Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783)
2025-03-26 10:58

Google is in the process of rolling out Chrome v134.0.6998.178 to Windows users to fix CVE-2025-2783, a zero-day vulnerability that allowed attackers to to bypass Chrome sandbox protections. The...

Google fixes Chrome zero-day exploited in espionage campaign
2025-03-26 06:42

​Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser's sandbox and deploy malware in espionage attacks targeting Russian organizations. [...]

Malicious Chrome extensions can spoof password managers in new attack
2025-03-06 14:19

A newly devised "polymorphic" attack allows malicious Chrome extensions to morph into browser extensions, including password managers, crypto wallets, and banking apps, to steal sensitive...

Google Cuts Off uBlock Origin on Chrome as Firefox Stands Firm on Ad Blockers
2025-03-05 00:11

The problem started with Manifest V3, Chrome’s new extension specification, which is supposed to improve privacy.

Firefox continues Manifest V2 support as Chrome disables MV2 ad-blockers
2025-02-25 20:28

Mozilla has renewed its promise to continue supporting Manifest V2 extensions alongside Manifest V3, giving users the freedom to use the extensions they want in their browser. [...]