Browser
CommetJacking attack tricks Comet browser into stealing emails
A new attack called ‘CometJacking’ exploits URL parameters to pass to Perplexity’s Comet AI browser hidden instructions that allow access to sensitive data from connected services, like email and calendar. In a realistic scenario, no credentials or user interaction are required and a threat actor can leverage the attack by simply exposing a maliciously crafted URL to […]
Brave browser surpasses the 100 million active monthly users mark
Brave browser reached 101 million monthly active users and 42 million daily active users this September, marking a new record in the project’s history. At the same time, Brave Search, the project’s privacy-focused search engine that launched in 2021 and relies on its own web index, has grown to 1.6 billion monthly search queries and […]
Perplexity’s Comet AI browser tricked into buying fake items online
A study looking into agentic AI browsers has found that these emerging tools are vulnerable to both new and old schemes that could make them interact with malicious pages and prompts. Agentic AI browsers can autonomously browse, shop, and manage various online tasks (like handling email, booking tickets, filing forms, or controlling accounts). Perplexity’s Comet is currently […]
Leak: OpenAI’s browser will use ChatGPT Agent to control the browser
OpenAI is building an agentic future with its upcoming Chromium-based browser and a new leak confirms GPT Agent integration. ChatGPT already comes with Agent mode, which uses a virtual machine to browse the web. The vrtual machine is powered by Linux and it works in a cloud environment (Azure). While Agent mode can do everything for […]
Google fixes actively exploited sandbox escape zero day in Chrome
Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser’s sandbox protection. The vulnerability is identified as CVE-2025-6558 and received a high-severity rating of 8.8. It was discovered by researchers at Google’s Threat Analysis Group (TAG) on June 23. The security issue is […]
DuckDuckGo beefs up scam defense to block fake stores, crypto sites
The DuckDuckGo web browser has expanded its built-in Scam Blocker tool to protect against a broader range of online scams, including fake e-commerce, cryptocurrency exchanges, and “scareware” sites. DuckDuckGo is a privacy-focused web browser and search engine that doesn’t track users’ searchers or browsing history. The browser, which became available as a public beta for macOS and Windows in […]
Apple Safari exposes users to fullscreen browser-in-the-middle attacks
A weakness in Apple’s Safari web browser allows threat actors to leverage the fullscreen browser-in-the-middle (BitM) technique to steal account credentials from unsuspecting users. By abusing the Fullscreen API, which instructs any content on a webpage to enter the browser’s fullscreen viewing mode, hackers can exploit the shortcoming to make guardrails less visible on Chromium-based browsers and […]
Google Chrome 136 fixes 20-year browser history privacy risk
Google is fixing a long-standing privacy issue that, for years, enabled websites to determine users’ browsing history through the previously visited links. The problem arises from allowing sites to style links as ‘:visited,’ meaning showing them as another color instead of the default blue if a user had previously clicked on them. The system displays this color […]
Vivaldi integrates Proton VPN into the browser to fight web tracking
Vivaldi has announced the integration of Proton VPN directly into its browser without requiring add-on downloads or plugin activations, allowing users to protect their data against ‘Big Tech’ surveillance for free. When enabled, browsing activity will be transmitted through Proton VPN’s encrypted tunnels while also obfuscating the user’s IP address, safeguarding their privacy and protecting them […]
Mozilla warns users to update Firefox before certificate expires
Mozilla is warning Firefox users to update their browsers to the latest version to avoid facing disruption and security risks caused by the upcoming expiration of one of the company’s root certificates. The Mozilla certificate is set to expire this Friday, March 14, 2025, and was used to sign content, including add-ons for various Mozilla […]