Security News

Google euthanizes Chrome Cleanup Tool because it no longer has a purpose
2023-03-11 00:28

Google is bidding adieu to an application that enabled Chrome users on Windows systems to get rid of unwanted software. The Cholocate Factory's Chrome Cleanup Tool was introduced in 2015 - initially as a standalone product and later integrated into the Chrome browser - and has run more than 80 million cleanups over the past eight years.

Fake ChatGPT Chrome extension targeted Facebook Ad accounts
2023-03-09 12:13

From malvertising, extension installation, hijacking Facebook accounts, and back again to propagation. The fake ChatGPT extension discovered by Guardio is the latest security concern, affecting thousands daily.

Google Chrome optimizations improve battery life on Macs
2023-02-28 17:00

The latest version of Google Chrome for macOS includes new optimizations that increase battery life on MacBooks. The reason why Google is optimizing Chrome battery consumption on Macs is likely because users report that Safari has much better performance on the system, leading them to use Apple's browser instead. Chrome's latest improvements will also be felt by those using older Apple hardware like Intel-based Macbooks.

451 PyPI packages install Chrome extensions to steal crypto
2023-02-13 19:46

Over 450 malicious PyPI python packages were found installing malicious browser extensions to hijack cryptocurrency transactions made through browser-based crypto wallets and websites. This discovery is a continuation of a campaign initially launched in November 2022, which initially started with only twenty-seven malicious PyPi packages, and now greatly expanding over the past few months.

Google Chrome to let you disable or enable extensions per site
2023-01-14 21:02

Google is working on a new feature that allows you to disable or enable Chrome extensions based on site-by-site basis. The Chrome Web Store has many extensions, but there's a catch - some extensions can cause website problems, and some sites do not allow extensions like ad blockers.

Google Adds Passkey Support to Chrome for Windows, macOS and Android
2022-12-12 14:24

Google has officially begun rolling out support for passkeys, the next-generation passwordless login standard, to its stable version of Chrome web browser. This calls for websites to build passkey support on their sites using the WebAuthn API. Essentially, the technology works by creating a unique cryptographic key pair to associate with an account for the app or website during account registration.

New Google Chrome feature frees memory to make browsing smoother
2022-12-08 18:19

Google says the latest release of Chrome for desktop devices now comes with a new performance-boosting feature designed to free up memory and make web browsing smoother. The new feature, dubbed Memory Saver, will release up to 30% of all memory by suspending inactive tabs, system memory which will be used by active tabs.

Google Chrome zero-day exploited in the wild (CVE-2022-4262)
2022-12-06 11:03

Google has patched CVE-2022-4262, a type confusion vulnerability in the V8 JavaScript engine used by Google Chrome, which is being exploited by attackers in the wild. "Access to bug details and links may be kept restricted until a majority of users are updated with a fix," Srinivas Sista, Technical program manager for Google Chrome, explained.

CISA orders agencies to patch exploited Google Chrome bug by Dec 26th
2022-12-05 22:06

The flaw was patched as an actively exploited zero-day bug in the Google Chrome web browser on Friday for Windows, Mac, and Linux users. In a security advisory published right before the weekend, Google said it "Is aware of reports that an exploit for CVE-2022-4262 exists in the wild."

Number Nine! Chrome fixes another 2022 zero-day, Edge patched too
2022-12-05 20:58

It's just under two weeks since Google rushed out a Chrome patch for the then-current version 107 to seal off a bug that was already being used in real-life attacks. How might the bug might be triggered? Was merely viewing a booby-trapped web page enough? Could it be abused for remote code execution? Could the crooks end up installing malware without any visible warning? Who was using it? Were they state-sponsored attackers, or some other sort of cybercriminals? What they were after? Were they into data stealing, ransomware attacks, unlawful surveillance, or all of those things?