Fake browser crash alerts turn Chrome extension into enterprise backdoor
Browser extensions are a high-risk attack vector for enterprises, allowing threat actors to bypass traditional security controls and gain a foothold on corporate endpoints. …
Browser agents don’t always respect your privacy choices
Browser agents promise to handle online tasks without constant user input. They can shop, book reservations, and manage accounts by driving a web browser through an AI model. …
New “HashJack” attack can hijack AI browsers and assistants
Security researchers at Cato Networks have uncovered a new indirect prompt injection technique that can force popular AI browsers and assistants to deliver phishing links or …
Security gap in Perplexity’s Comet browser exposed users to system-level attacks
There is a serious security problem inside Comet, the AI-powered agentic browser made by Perplexity, SquareX researchers say: Comet’s MCP API allows the browser’s …
The browser is eating your security stack
Employees log into SaaS platforms, upload files, use AI tools, and manage customer data from a single tab. While the browser has become the enterprise’s main workspace, it …
What your browser knows about you, from contacts to card numbers
Chrome and Safari are the most popular browser apps, accounting for 90% of the mobile browsers market share, according to Surfshark. They also collect the most data. Chrome: …
Browser extensions make nearly every employee a potential attack vector
Despite being present on virtually every employee’s browser, extensions are rarely monitored by security teams or controlled by IT, according to LayerX. Most extensions have …
Best practices for ensuring a secure browsing environment
In this Help Net Security interview, Devin Ertel, CISO at Menlo Security, discusses how innovations like AI and closer collaboration between browser vendors and security …
How to enable Safe Browsing in Google Chrome on Android
To safeguard your data, Google Chrome uses Safe Browsing to protect you from: harmful websites and extensions, malicious or intrusive advertisements, malware, phishing …
Browser backdoors: Securing the new frontline of shadow IT
Browser extensions are a prime target for cybercriminals. And this isn’t just a consumer problem – it’s a new frontier in enterprises’ battle against shadow IT. …
Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver
ESET Research has discovered a sophisticated Chinese browser injector: a signed, vulnerable, ad-injecting driver from a mysterious Chinese company. This threat, which ESET …
Cybercriminal adoption of browser fingerprinting
Browser fingerprinting is one of many tactics phishing site authors use to evade security checks and lengthen the lifespan of malicious campaigns. While browser fingerprinting …
Featured news
Resources
Don't miss
- Inside Microsoft’s veteran-to-tech workforce pipeline
- Brakeman: Open-source vulnerability scanner for Ruby on Rails applications
- Incident response lessons learned the hard way
- Okta users under attack: Modern phishing kits are turbocharging vishing attacks
- One-time SMS links that never expire can expose personal data for years