Security News

New Google Chrome version fixes actively exploited zero-day bug
2020-10-20 16:30

Google has released Chrome 86.0.4240.111 today, October 20th, 2020, to the Stable desktop channel to address five security vulnerabilities, one of them an actively exploited zero-day bug. "Google is aware of reports that an exploit for CVE-2020-15999 exists in the wild," the Google Chrome 86.0.4240.111 announcement reads.

Google Chrome and Edge are creating random debug.log log files
2020-10-18 13:31

A bug in the latest release of Chrome, and other Chromium-based browsers, is causing random debug. Log files to be created on user's desktops and other folders.

Google Chrome Bugs Open Browsers to Attack
2020-09-22 18:44

Google has stomped out several serious code-execution flaws in its Chrome browser. The high-severity flaws include an out-of-bounds read error in storage in Google Chrome.

Google Chrome Bug Could Let Hackers Bypass CSP Protection; Update Web Browsers
2020-08-11 08:18

Cybersecurity researchers on Monday disclosed details about a zero-day flaw in Chromium-based web browsers for Windows, Mac and Android that could have allowed attackers to entirely bypass Content Security Policy rules since Chrome 73. Tracked as CVE-2020-6519, the issue stems from a CSP bypass that results in arbitrary execution of malicious code on target websites.

Google Chrome Browser Bug Exposes Billions of Users to Data Theft
2020-08-10 19:43

The bug is found in Chrome, Opera and Edge, on Windows, Mac and Android - potentially affecting billions of web users, according to PerimeterX cybersecurity researcher Gal Weizman. CSP allows web admins to specify the domains that a browser should consider to be valid sources of executable scripts.

Critical bug in Google Chrome – get your update now
2020-04-17 19:13

Google just issued a Chrome update with a note that says, "This update includes 1 [critical] security fix." The bug itself is still a secret, even though the Chromium core of the Chrome browser is an open source project.

49 New Google Chrome Extensions Caught Hijacking Cryptocurrency Wallets
2020-04-15 03:40

Google has ousted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies. "Essentially, the extensions are phishing for secrets - mnemonic phrases, private keys, and keystore files," explained Harry Denley, director of security at MyCrypto.

Google Chrome to start blocking downloads served via HTTP
2020-02-10 11:59

Google has announced a timetable for phasing out insecure file downloads in the Chrome browser, starting with desktop version 81 due out next month. Known in jargon as 'mixed content downloads', these are files such as software executables, documents and media files offered from secure HTTPS websites over insecure HTTP connections.

Google Chrome to block file downloads – from .exe to .txt – over HTTP by default this year. And we're OK with this
2020-02-07 20:44

Continuing to drop flame retardant on the dumpster fire that is web security, Google on Thursday said it will soon prevent Chrome users from downloading files over insecure, plain old, unencrypted HTTP. "All insecure downloads are bad for privacy and security," declared Joe DeBlasio, who works on the Chrome security team, in a Twitter thread. "An eavesdropper can see what a user is downloading, or an active attacker can swap the download for a malicious one." "We hope to stop all unsafe downloads, but Chrome doesn't currently tell users on HTTPS pages that their downloads are insecure. That's weird! Users expect that what they do on secure pages to be... well secure! So we're blocking these downloads first."

Google Chrome To Bar HTTP File Downloads
2020-02-07 17:03

Google Chrome will soon restrict certain files, like PDFs or executables, from being downloaded via an HTTP connection, if they are loaded on HTTPS webpages. With Chrome 68's 2018 release, Google started to label HTTP websites with an "Insecure" warning label in the navigation bar.