google chrome
QuickLens Chrome extension steals crypto, shows ClickFix attack
A Chrome extension named “QuickLens – Search Screen with Google Lens” has been removed from the Chrome Web Store after it was compromised to push malware and attempt to steal crypto from thousands of users. QuickLens was initially published as a Chrome extension that lets users run Google Lens searches directly in their browser. The extension grew […]
Google patches first Chrome zero-day exploited in attacks this year
Google has released emergency updates to fix a high-severity Chrome vulnerability exploited in zero-day attacks, marking the first such security flaw patched since the start of the year. “Google is aware that an exploit for CVE-2026-2441 exists in the wild,” Google said in a security advisory issued on Friday. According to the Chromium commit history, this use-after-free […]
Microsoft fixes bug that blocked Google Chrome from launching
Microsoft has fixed a known issue causing its Family Safety parental control service to block Windows users from launching Google Chrome and other web browsers. Family Safety helps parents monitor their children’s activity and provides screen time management, app controls, communication monitoring, content filtering, location tracking, and activity reports. Microsoft acknowledged the bug in late June 2025 […]
New malware service guarantees phishing extensions on Chrome web store
A new malware-as-a-service (MaaS) called ‘Stanley’ promises malicious Chrome extensions that can clear Google’s review process and publish them to the Chrome Web Store. Researchers at end-to-end data security company Varonis named the project Stanley after the alias of the seller, who advertises easy phishing attacks by intercepting navigation and covering a webpage with an iframe […]
Google Chrome tests Gemini-powered AI “Skills”
Google is testing “Skills” for Gemini in Chrome, which will allow AI in Chrome to perform tasks automatically. Gemini in Chrome on desktop has been rolling out in the US for a while now. Right now, Chrome’s Gemini acts as an AI “helper” inside the browser. When you’re on a webpage, you can open Gemini and […]
Google Chrome now lets you turn off on-device AI model powering scam detection
Google Chrome now lets you delete the local AI models that power the “Enhanced Protection” feature, which was upgraded with AI capabilities last year. Enhanced protection isn’t a new feature. It’s been in Chrome for a few years now, but it was updated with unknown AI models to offer “real-time” protection against dangerous websites, downloads, […]
Credential-stealing Chrome extensions target enterprise HR platforms
Malicious Chrome extensions on the Chrome Web Store masquerading as productivity and security tools for enterprise HR and ERP platforms were discovered stealing authentication credentials or blocking management pages used to respond to security incidents. The campaign was discovered by cybersecurity firm Socket, which says it identified five Chrome extensions targeting Workday, NetSuite, and SAP […]
Malicious extensions in Chrome Web store steal user credentials
Two Chrome extensions in the Web Store named ‘Phantom Shuttle’ are posing as plugins for a proxy service to hijack user traffic and steal sensitive data. Both extensions are still present in Chrome’s official marketplace at the time of writing and have been active since at least 2017, according to a report from researchers at the […]
Apple fixes two zero-day flaws exploited in ‘sophisticated’ attacks
Apple has released emergency updates to patch two zero-day vulnerabilities that were exploited in an “extremely sophisticated attack” targeting specific individuals. The zero-days are tracked as CVE-2025-43529 and CVE-2025-14174 and were both issued in response to the same reported exploitation. “Apple is aware of a report that this issue may have been exploited in an […]
Google fixes eighth Chrome zero-day exploited in attacks in 2025
Google has released emergency updates to fix another Chrome zero-day vulnerability exploited in the wild, marking the eighth such security flaw patched since the start of the year. “Google is aware that an exploit for 466192044 exists in the wild,” Google said in a security advisory issued on Wednesday. The company has now fixed this high-severity vulnerability […]