Security News

The Israeli spyware vendor Candiru was found using a zero-day vulnerability in Google Chrome to spy on journalists and other high-interest individuals in the Middle East with the 'DevilsTongue' spyware. In a report published earlier today, Avast's threat researchers, who discovered the vulnerability and reported it to Google, reveal that they unearthed it after investigating spyware attacks on their clients.

For the longest time, I've been shouting to the sun and moon that no one should allow Chrome to save passwords. Figure A. If you've already saved your passwords in Chrome, fear not, you can still remove them and recover a bit of extra privacy when using that particular browser.

Google is testing a new 'Quick Intensive Throttling' feature that reduces CPU time by 10%, extending the battery life for laptops and mobile devices. In Chrome 87, Google introduced a new feature called 'Intensive Wake Up Throttling' that prevents JavaScript from waking up a tab more than once a minute after it has been suspended and hidden from view for more than 5 minutes.

Google's latest update to the Chrome browser fixes a varying number of bugs, depending on whether you're on Android, Windows or Mac, and depending on whether you're running the "Stable channel" or the "Extended stable channel". The Stable channel is the very latest version, including all new browser features, currently numbered Chrome 103.

While people were celebrating the Fourth of July holiday in the United States, Google quietly rolled out a stable channel update for Chrome to patch an actively exploited zero-day vulnerability, the fourth such flaw the vendor has had to patch in its browser product so far this year. Chrome 103 for Android and Version 103.0.5060.114 for Windows and Mac, outlined in separate blog posts published Monday, fix a heap buffer overflow flaw in WebRTC, the engine that gives the browser its real-time communications capability.

Google on Monday shipped security updates to address a high-severity zero-day vulnerability in its Chrome web browser that it said is being exploited in the wild. The shortcoming, tracked as CVE-2022-2294, relates to a heap overflow flaw in the WebRTC component that provides real-time audio and video communication capabilities in browsers without the need to install plugins or download native apps.

Google has issued an unexpected update to its Chrome browser to address a zero-day WebRTC flaw that is actively being exploited. The fix is installing Chrome 103.0.5060.114 for Windows and Chrome 103.0.5060.71 for Android, both of which will appear soon.

Google has released Chrome 103.0.5060.114 for Windows users to address a high-severity zero-day vulnerability exploited by attackers in the wild, the fourth Chrome zero-day patched in 2022. This update was available immediately when BleepingComputer checked for new updates by going into Chrome menu > Help > About Google Chrome.

With that said, let's get the Bitwarden Chrome plugin installed and see how it's used. Open Chrome and point it to the Bitwarden Chrome plugin page in the Chrome Web Store.

A researcher has discovered how to use your installed Google Chrome extensions to generate a fingerprint of your device that can be used to track you online. Yesterday, web developer 'z0ccc' shared a new fingerprinting method called 'Extension Fingerprints' that can generate a tracking hash based on a browser's installed Google Chrome extensions.