Security News

Cloudflare is unable to establish an SSL connection to the origin server. What can I do? If you're a visitor of this website: Please try again in a few minutes.

Coincidentally, a trio of researchers affiliated with Stanford University in the US and the CISPA Helmholtz Center for Information Security in Germany just published a paper about recent Chrome Web Store data that suggest the risk posed by browser extensions is far greater than Google admits to. On Thursday, over at Google, Benjamin Ackerman, Anunoy Ghosh, and David Warren on the Chrome Security Team claimed, "In 2024, less than one percent of all installs from the Chrome Web Store were found to include malware. We're proud of this record and yet some bad extensions still get through, which is why we also monitor published extensions."

A new malware distribution campaign uses fake Google Chrome, Word, and OneDrive errors to trick users into running malicious PowerShell "Fixes" that install malware. Now the overlays display fake Google Chrome, Microsoft Word, and OneDrive errors.

A new speculative execution attack named "TIKTAG" targets ARM's Memory Tagging Extension to leak data with over a 95% chance of success, allowing hackers to bypass the security feature. The paper, co-signed by a team of Korean researchers from Samsung, Seoul National University, and the Georgia Institute of Technology, demonstrates the attack against Google Chrome and the Linux kernel.

LastPass says its almost 12-hour outage yesterday was caused by a bad update to its Google Chrome extension. The impact did not go unnoticed, with LastPass customers venting their frustration on Reddit and Twitter about the outage and their inability to retrieve their saved credentials and log in to sites.

Google shared details on a recently introduced Chrome feature that changes how cookies are requested, with early tests showing increased performance across all platforms. Modern browsers like Chrome use multiple processes to improve performance and security.

Google is continuing with its plan to phase out Manifest V2 extensions in Chrome starting in early June 2024, weakening the abilities of ad blockers. Starting June 3, 2024, with Chrome version 127, users with active Manifest V2 extensions will see warnings on Chrome Beta, Dev, and Canary channels, while extensions still using Manifest V2 will lose their "Featured" badge.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Google fixes yet another Chrome zero-day exploited in the wildFor the eighth time this year, Google has released an emergency update for its Chrome browser that fixes a zero-day vulnerability with an in-the-wild exploit. GitHub fixes maximum severity Enterprise Server auth bypass bugA critical, 10-out-of-10 vulnerability allowing unrestricted access to vulnerable GitHub Enterprise Server instances has been fixed by Microsoft-owned GitHub.

Google on Thursday rolled out fixes to address a high-severity security flaw in its Chrome browser that it said has been exploited in the wild. Assigned the CVE identifier CVE-2024-5274, the...