Security News

Google is bidding adieu to an application that enabled Chrome users on Windows systems to get rid of unwanted software. The Cholocate Factory's Chrome Cleanup Tool was introduced in 2015 - initially as a standalone product and later integrated into the Chrome browser - and has run more than 80 million cleanups over the past eight years.

From malvertising, extension installation, hijacking Facebook accounts, and back again to propagation. The fake ChatGPT extension discovered by Guardio is the latest security concern, affecting thousands daily.

The latest version of Google Chrome for macOS includes new optimizations that increase battery life on MacBooks. The reason why Google is optimizing Chrome battery consumption on Macs is likely because users report that Safari has much better performance on the system, leading them to use Apple's browser instead. Chrome's latest improvements will also be felt by those using older Apple hardware like Intel-based Macbooks.

Over 450 malicious PyPI python packages were found installing malicious browser extensions to hijack cryptocurrency transactions made through browser-based crypto wallets and websites. This discovery is a continuation of a campaign initially launched in November 2022, which initially started with only twenty-seven malicious PyPi packages, and now greatly expanding over the past few months.

Google is working on a new feature that allows you to disable or enable Chrome extensions based on site-by-site basis. The Chrome Web Store has many extensions, but there's a catch - some extensions can cause website problems, and some sites do not allow extensions like ad blockers.

Google has officially begun rolling out support for passkeys, the next-generation passwordless login standard, to its stable version of Chrome web browser. This calls for websites to build passkey support on their sites using the WebAuthn API. Essentially, the technology works by creating a unique cryptographic key pair to associate with an account for the app or website during account registration.

Google says the latest release of Chrome for desktop devices now comes with a new performance-boosting feature designed to free up memory and make web browsing smoother. The new feature, dubbed Memory Saver, will release up to 30% of all memory by suspending inactive tabs, system memory which will be used by active tabs.

Google has patched CVE-2022-4262, a type confusion vulnerability in the V8 JavaScript engine used by Google Chrome, which is being exploited by attackers in the wild. "Access to bug details and links may be kept restricted until a majority of users are updated with a fix," Srinivas Sista, Technical program manager for Google Chrome, explained.

The flaw was patched as an actively exploited zero-day bug in the Google Chrome web browser on Friday for Windows, Mac, and Linux users. In a security advisory published right before the weekend, Google said it "Is aware of reports that an exploit for CVE-2022-4262 exists in the wild."

It's just under two weeks since Google rushed out a Chrome patch for the then-current version 107 to seal off a bug that was already being used in real-life attacks. How might the bug might be triggered? Was merely viewing a booby-trapped web page enough? Could it be abused for remote code execution? Could the crooks end up installing malware without any visible warning? Who was using it? Were they state-sponsored attackers, or some other sort of cybercriminals? What they were after? Were they into data stealing, ransomware attacks, unlawful surveillance, or all of those things?