Google has moved to patch more Chrome zero-days that are actively under attack as it seems as though Google’s problems with in-the-wild Chrome zero-days are multiplying rapidly. The vulnerabilities patched affect Windows, macOS, and Linux users, pertaining to CVE-2021-21206 and CVE-2021-21220. Google did not provide any other details on the

Avast Threat Intelligence has identified malware hidden in twenty-eight popular Google Chrome and Microsoft Edge extensions. The extensions are all used for social media sites such as Facebook, Instagram, and Vimeo. Security researchers advise users to uninstall the extensions, which boast 3 million downloads in total. The most popular extensions

Google has issued an update for its Chrome web browser, fixing several vulnerabilities that could allow a threat actor to conduct computer compromise through a browser hack. The bug affects desktop versions of the browser, and the update fixed a total of eight bugs present within the current version with

In its latest set of updates, Google released two patches for Chrome zero-day vulnerabilities being exploited in the wild. Over the past three weeks, Google has patched a total of five zero-day flaws in Chrome. The bugs affect Chrome version 86.0.4240.198, and it is recommended that the updates be implemented

Google Chrome users will receive a patch later this week that fixes a severe vulnerability that can be manipulated by attackers to execute arbitrary code. The flaw lied in the Chrome 85 stable channel, however, has since been fixed by the company. The flaw is a bug in the WebGL

A new vulnerability discovered by researchers allows attackers to bypass Content Security Policy protections and steal data from website visitors. The vulnerability lies in Google’s Chromium-based browsers versions 73 through 83 and has since been patched by Chrome in version 84, which was released in July. Through leveraging the vulnerability,

GitHub has released new information on six vulnerabilities that were uncovered by one of its security researchers. The vulnerabilities are in the WebAudio component of Chrome. The vulnerabilities were reported to Google by GitHub Security Lab in February and March. The security researcher identified several Chrome sandbox escape vulnerabilities, and

Apple released Safari 13.1 yesterday, which included new updates to Safari’s Intelligence Tracking Prevention (ITP) privacy feature. The most major shift was that Apple products will now block all third-party cookies while in Safari by default. Apple’s latest move means that online advertisers and analytics firms will not be able

Google recently introduced a seemingly subtle change in the newest version of its Chome web browser, version 80. The feature makes the credentials that users save in Chrome’s password manager more secure, and it has already generated a large impact on the underground criminal enterprise. The Genesis Store has operated

Duo Security released an analysis on Thursday claiming that over 500 malicious Chrome extensions were secretly collecting browser data and redirecting users to websites containing malware. Researchers at Duo Security stated that the extensions have since been removed from Google’s Chrome Web Store, but that they were previously downloaded millions