DarkSpectre quietly infected millions through seemingly legit browser extensions

The researchers initially discovered DarkSpectre while investigating ShadyPanda, a campaign based on popular Chrome and Edge extensions that infected over four million devices. Further analysis ...

Finally - a terminal solution to the browser wars

Old-time web users will fondly remember Lynx, a text-only browser that ran from the terminal. Now, there's a Sixel-compatible ...
The Hacker News

Featured Chrome Browser Extension Caught Intercepting Millions of Users' AI Chats

A Google Chrome extension with a "Featured" badge and six million users has been observed silently gathering every prompt entered by users into artificial intelligence (AI)-powered chatbots like ...
PC World

Chrome 143 fixes 13 security flaws, plus new Read Aloud and AI features

Google has fixed 13 vulnerabilities in Chrome versions 143.0.7499.40/41 for Windows and macOS and 143.0.7499.40 for Linux. According to Google, none of these vulnerabilities have been exploited for ...
Infosecurity-magazine.com

ShadyPanda's Seven-Year Campaign Infects 4.3M Chrome and Edge Users

A seven-year browser extension campaign has infected 4.3 million Chrome and Edge users. The group responsible, tracked as ShadyPanda, has been observed leveraging trusted browser marketplaces to build ...
SecurityWeek

Chrome, Edge Extensions Caught Tracking Users, Creating Backdoors

The extensions were seen profiling users, reading cookie data to create unique identifiers, and executing payloads with browser API access. A threat actor has published over a hundred malicious ...
TechRepublic

Google Issues Emergency Update for 2B Chrome Users

If your Chrome browser isn’t updated, you may be exposed to an actively exploited zero-day that Google just rushed to patch. The company is instructing its 2 billion users to update immediately after ...
Android

Google Chrome Users Warned: New Zero-Day Flaw Requires Update ASAP

Google has discovered a new zero-day flaw in the Chrome browser. It becomes the seventh zero-day flaw of 2025 discovered so far. The users are urgently required to update the app to remain safe.
Bleeping Computer

Google fixes new Chrome zero-day flaw exploited in attacks

Google has released an emergency security update to fix the seventh Chrome zero-day vulnerability exploited in attacks this year. "Google is aware that an exploit for CVE-2025-13223 exists in the wild ...
SlashGear

Google Is Changing Up Chrome's Notification Permissions For Users - Here's What You Need To Know

If you're the sort of person who habitually clicks "yes" on things, you've likely experienced your important smartphone notifications getting buried beneath an avalanche of unwanted spam from ...
Search Engine Land

Google adds Chrome Web Store user agent

Google has added a new user agent to its help documentation named Google-CWS. This is the Chrome Web Store user agent that is a user-triggered fetchers. More details. Google posted about the new user ...