Security News

If you're a Google Chrome or Microsoft Edge browser fan, you're probably getting updates automatically and you're probably up to date already. Just in case you've missed any updates recently, we suggest you go and check right now, because the Chromium browser core, on which both Edge and Chrome are based, has patched not one but two zero-day remote code execution bugs recently.

Six years after a jury decided otherwise, Google has convinced an appeals court to reverse a $20 million judgment against the web giant after Chrome infringed some patents. A US Court of Appeals decision [PDF], handed down Tuesday, not only reversed a 2017 ruling that found Google Chrome had ripped off four anti-malware patents, but also that three of the patents were invalid because they contained details that weren't included in the original patent.

Google on Tuesday rolled out emergency fixes to address another actively exploited high-severity zero-day flaw in its Chrome web browser. The flaw, tracked as CVE-2023-2136, is described as a case of integer overflow in Skia, an open source 2D graphics library.

Google has released a security update for the Chrome web browser to fix the second zero-day vulnerability found to be exploited in attacks this year. The stable release is available only for Windows and Mac users, with the Linux version to roll out "Soon," Google says.

In brief Google on Friday released an emergency update for Chrome to address a zero-day security flaw.This fix would be the first zero-day in Chrome squashed by Google this year.

Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript engine.

Google has released an emergency Chrome security update to address the first zero-day vulnerability exploited in attacks since the start of the year. This update was immediately available when BleepingComputer checked for new updates from the Chrome menu > Help > About Google Chrome.

Hackers are compromising websites to inject scripts that display fake Google Chrome automatic update errors that distribute malware to unaware visitors. BleepingComputer has found numerous sites hacked in this malware distribution campaign, including adult sites, blogs, news sites, and online stores.

Google has stepped in to remove a bogus Chrome browser extension from the official Web Store that masqueraded as OpenAI's ChatGPT service to harvest Facebook session cookies and hijack the accounts. The "ChatGPT For Google" extension, a trojanized version of a legitimate open source browser add-on, attracted over 9,000 installations since March 14, 2023, prior to its removal.

A trojanized version of the legitimate ChatGPT extension for Chrome is gaining popularity on the Chrome Web Store, accumulating over 9,000 downloads while stealing Facebook accounts. The extension is a copy of the legitimate popular add-on for Chrome named "ChatGPT for Google" that offers ChatGPT integration on search results.