google chrome
Google fixes actively exploited sandbox escape zero day in Chrome
Google has released a security update for Chrome to address half a dozen vulnerabilities, one of them actively exploited by attackers to escape the browser’s sandbox protection. The vulnerability is identified as CVE-2025-6558 and received a high-severity rating of 8.8. It was discovered by researchers at Google’s Threat Analysis Group (TAG) on June 23. The security issue is […]
Google reveals details on Android’s Advanced Protection for Chrome
Google is sharing more information on how Chrome operates when Android mobile users enable Advanced Protection, highlighting strong security improvements. The tech giant recently extended its Advanced Protection Program to the device level with the release of Android 16, aimed at offering a robust, holistic security posture for high-risk individuals likely to be targeted by sophisticated spyware […]
Malicious Chrome extensions with 1.7M installs found on Web Store
Almost a dozen malicious extensions with 1.7 million downloads in Google’s Chrome Web Store could track users, steal browser activity, and redirect to potentially unsafe web addresses. Most of the add-ons provide the advertised functionality and pose as legitimate tools like color pickers, VPNs, volume boosters, and emoji keyboards. Researchers at Koi Security, a company providing a platform […]
Google fixes fourth actively exploited Chrome zero-day of 2025
Google has released emergency updates to patch another Chrome zero-day vulnerability exploited in attacks, marking the fourth such flaw fixed since the start of the year. “Google is aware that an exploit for CVE-2025-6554 exists in the wild,” the browser vendor said in a security advisory issued on Monday. “This issue was mitigated on 2025-06-26 by a […]
Microsoft confirms Family Safety blocks Google Chrome from launching
Microsoft has confirmed that its Family Safety parental control service is blocking users from launching Google Chrome and other web browsers on Windows systems. Microsoft Family Safety helps parents monitor their children’s activity across desktop and mobile devices, providing screen time management, content filtering, app controls, location tracking, communication monitoring, and activity reports. Redmond acknowledged the […]
Google patches new Chrome zero-day bug exploited in attacks
Google has released an emergency security update to fix the third Chrome zero-day vulnerability exploited in attacks since the start of the year. “Google is aware that an exploit for CVE-2025-5419 exists in the wild,” the company warned in a security advisory published on Monday. This high-severity vulnerability is caused by an out-of-bounds read and write weakness in Chrome’s V8 JavaScript engine, […]
Google Chrome to distrust Chunghwa Telecom, Netlock certificates in August
Google says it will no longer trust root CA certificates signed by Chunghwa Telecom and Netlock in the Chrome Root Store due to a pattern of compliance failures and failure to make improvements. The change will come in Google Chrome version 139, which is scheduled for release on August 1, 2025. The tech giant cites ongoing compliance […]
Data-stealing Chrome extensions impersonate Fortinet, YouTube, VPNs
A Google Chrome Web Store campaign uses over 100 malicious browser extensions that mimic legitimate tools, such as VPNs, AI assistants, and crypto utilities, to steal browser cookies and execute remote scripts secretly. The extensions offer some of the promised functionality, but also connect to the threat actor’s infrastructure to steal user information or receive […]
Google fixes high severity Chrome flaw with public exploit
Google has released emergency security updates to patch a high-severity vulnerability in the Chrome web browser that could lead to full account takeover following successful exploitation. While it’s unclear if this security flaw has been used in attacks, the company warned that it has a public exploit, which is how it usually hints at active […]
Google Chrome to block admin-level browser launches for better security
Google is rolling out a change to Chromium that “de-elevates” Google Chrome so it does not run as an administrator to increase security in Windows. Microsoft previously introduced a similar feature in 2019 to the Edge Browser. When users launched Edge with elevated permissions, a warning would appear, recommending that they relaunch the browser without administrative rights. Later, […]