Security News

Threat analysts at McAfee found five Google Chrome extensions that steal track users' browsing activity. Collectively, the extensions have been downloaded more then 1.4 million times.

Google Chrome extension 'Internet Download Manager' installed by more than 200,000 users is adware. Although the extension may install a known and legitimate download manager program, BleepingComputer observed unwanted behavior exhibited by the extension-such as opening links to spammy sites, changing the default browser search engine, and further hounding the user with pop-ups asking them to download more "Patches" and unwanted programs.

Google Chrome extension 'Internet Download Manager' installed by more than 200,000 users is adware. Although the extension may install a known and legitimate download manager program, BleepingComputer observed unwanted behavior exhibited by the extension-such as opening links to spammy sites, changing the default browser search engine, and further hounding the user with pop-ups asking them to download more "Patches" and unwanted programs.

Google has patched the fifth actively exploited zero-day vulnerability discovered in Chrome this year as one in a series of fixes included in a stable channel update released Wednesday. Google credits Ashley Shen and Christian Resell of its Google Threat Analysis Group for reporting the zero-day bug, which could allow for arbitrary code execution, on July 19.

The latest update to Google's Chrome browser is out, bumping the four-part version number to 104.0.5112.101, or to 104.0.5112.102. Chrome will probably update itself, but we always recommend checking anyway.

Google on Tuesday rolled out patches for Chrome browser for desktops to contain an actively exploited high-severity zero-day flaw in the wild. Security researchers Ashley Shen and Christian Resell of Google Threat Analysis Group have been credited with reporting the flaw on July 19, 2022.

Google has released a security update for the Chrome browser that addresses close to a dozen vulnerabilities, including a zero-day flaw that is being exploited in the wild. The security update is currently rolling out for Windows, Mac and Linux.

Google delays removal of third-party cookies in Chrome through 2024. Google is pushing back its plan to get rid of third-party cookies in Chrome to the latter half of 2024, according to a company blog published Wednesday.

Google on Wednesday said it's once again delaying its plans to turn off third-party cookies in the Chrome web browser from late 2023 to the second half of 2024. "The most consistent feedback we've received is the need for more time to evaluate and test the new Privacy Sandbox technologies before deprecating third-party cookies in Chrome," Anthony Chavez, vice president of Privacy Sandbox, said.

A North Korean-backed threat group tracked as Kimsuky is stealing emails from Google Chrome or Microsoft Edge users browsing their webmail accounts using a malicious browser extension. The extension, dubbed SHARPEXT by Volexity researchers who spotted this campaign in September, supports three Chromium-based web browsers and can steal mail from Gmail and AOL accounts.