Phishers steal Chrome extension from developer
An attacker has compromised the Chrome Web Store account of German developer team a9t9 software, and has equipped their Copyfish Chrome extension with ad/spam injection …
Number of HTTPS phishing sites triples
When, in January 2017, Mozilla and Google made Firefox and Chrome flag HTTP login pages as insecure, the intent was to make phishing pages easier to recognize, as well as push …
Stealing Windows credentials using Google Chrome
Attacks that leak authentication credentials using the SMB file sharing protocol on Windows OS are an ever-present issue, exploited in various ways but usually limited to …
Google to sanction Symantec for misissuing security certificates
In a post on a developers’ forum, software engineer on the Google Chrome team Ryan Sleevi has announced Google’s plan to start gradually distrust all existing …
LastPass extensions can be made to cough up passwords, deliver malware
LastPass Chrome and Firefox extensions contain flaws that could allow malicious websites to steal victims’ passwords or execute commands on their computer. The flaws …
Chrome users on macOS to see more dangerous site warnings
MacOS users who use Chrome to surf the web are likely to see more security warnings in the coming days, as Google’s Safe Browsing service will start flagging sites …
Cyber crooks’ latest tricks for targeting Chrome users
Chrome users have lately been targeted with a few unusual malware delivery and scam attempts. The “font wasn’t found” trick The first one comes from compromised WordPress …
Google is winding up Gmail support for older Chrome versions
Chrome users that, for whatever reason, can’t or don’t want to update to the latest version of the browser will soon start seeing warnings when they access Gmail. …
The latest on the critical RCE Cisco WebEx extension vulnerability
Since Google bug hunter Tavis Ormandy revealed the existence of a remotely exploitable code execution flaw in the Cisco WebEx extension for Google Chrome last week, Cisco has …
Cisco WebEx extension opens Chrome users to drive-by malware attacks
Windows users who have the widely used Cisco WebEx extension installed on Chrome are in danger of getting silently hacked when visiting a malicious website. The vulnerability, …
Adobe quietly bundles data-collecting Chrome extension with latest Reader update
Chrome users who have installed the latest Adobe security updates have also been unknowingly saddled with a browser extension (“Adobe Acrobat”) that can collect some of their …
Malvertising campaign compromises routers instead of computers
The DNSChanger exploit kit is back and more effective than ever, and is being used in a widespread malvertising attack whose goal is to compromise small/home office routers. …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)