3M Users Targeted by Malicious Facebook, Insta Browser Add-Ons
Avast Threat Intelligence has identified malware hidden in twenty-eight popular Google Chrome and Microsoft Edge extensions. The extensions are all used for social media sites such as Facebook, Instagram, and Vimeo. Security researchers advise users to uninstall the extensions, which boast 3 million downloads in total. The most popular extensions
High-Severity Chrome Bugs Allow Browser Hacks
Google has issued an update for its Chrome web browser, fixing several vulnerabilities that could allow a threat actor to conduct computer compromise through a browser hack. The bug affects desktop versions of the browser, and the update fixed a total of eight bugs present within the current version with
Google patches two more Chrome zero-days
In its latest set of updates, Google released two patches for Chrome zero-day vulnerabilities being exploited in the wild. Over the past three weeks, Google has patched a total of five zero-day flaws in Chrome. The bugs affect Chrome version 86.0.4240.198, and it is recommended that the updates be implemented
Google Fixes High-Severity Chrome Browser Code Execution Bug
Google Chrome users will receive a patch later this week that fixes a severe vulnerability that can be manipulated by attackers to execute arbitrary code. The flaw lied in the Chrome 85 stable channel, however, has since been fixed by the company. The flaw is a bug in the WebGL
Google Chrome Browser Bug Exposes Billions of Users to Data Theft
A new vulnerability discovered by researchers allows attackers to bypass Content Security Policy protections and steal data from website visitors. The vulnerability lies in Google’s Chromium-based browsers versions 73 through 83 and has since been patched by Chrome in version 84, which was released in July. Through leveraging the vulnerability,
GitHub Shares Details on Six Chrome Vulnerabilities
GitHub has released new information on six vulnerabilities that were uncovered by one of its security researchers. The vulnerabilities are in the WebAudio component of Chrome. The vulnerabilities were reported to Google by GitHub Security Lab in February and March. The security researcher identified several Chrome sandbox escape vulnerabilities, and
Apple blocks third-party cookies in Safari
Apple released Safari 13.1 yesterday, which included new updates to Safari’s Intelligence Tracking Prevention (ITP) privacy feature. The most major shift was that Apple products will now block all third-party cookies while in Safari by default. Apple’s latest move means that online advertisers and analytics firms will not be able
A Small Change To Google Chrome Hits Cybercrime Marketplace Hard
Google recently introduced a seemingly subtle change in the newest version of its Chome web browser, version 80. The feature makes the credentials that users save in Chrome’s password manager more secure, and it has already generated a large impact on the underground criminal enterprise. The Genesis Store has operated
500 Malicious Chrome Extensions Impact Millions of Users
Duo Security released an analysis on Thursday claiming that over 500 malicious Chrome extensions were secretly collecting browser data and redirecting users to websites containing malware. Researchers at Duo Security stated that the extensions have since been removed from Google’s Chrome Web Store, but that they were previously downloaded millions
Scam Browser Notification Prompts Increased by 69% in 2019
In the first nine months of this year, the number of ad and scam browser notifications surged by 69%, a new report by Kaspersky shows. If users allow browser notifications for a certain website, these can be sent even when users are not visiting that website. Malicious websites increasingly try