Browsing Tag
Chrome
158 posts
ClaudeBleed Vulnerability Lets Hackers Hijack Claude Chrome Extension to Steal Data
The ClaudeBleed vulnerability allows hackers to bypass Claude for Chrome guardrails to exfiltrate private Google Drive and Gmail data.
Google Chrome Accused of Silently Installing 4GB AI Model on User Devices
Cybersecurity researcher Alexander Hanff claims that Google Chrome automatically installs a 4GB Gemini Nano AI model without user notification or consent.
82 Chrome Extensions Found Selling User Data, 6.5 Million Users Affected
LayerX research finds 82 Chrome extensions collecting and selling user data, affecting at least 6.5 million users through disclosed but concerning practices.
Fake TikTok Downloaders on Chrome and Edge Spying on 130,000 Users
Over 130,000 users are at risk from fake TikTok downloader extensions on Chrome and Microsoft Edge. Researchers discovered these malicious tools use device fingerprinting to spy on users and steal sensitive browser data.
Google Chrome Update Disrupts Infostealer Cookie Theft
Google adds Device Bound Session Credentials (DBSC) to Chrome 146, using hardware keys to block infostealer use of stolen session cookies on Windows.
Fake ChatGPT Ad Blocker Chrome Extension Caught Spying on Users
A fake Chrome browser extension called 'ChatGPT Ad Blocker' was harvesting conversations of ChatGPT users in the name of offering an ad-free experience.
Storm Infostealer Sold as Service, Targets Browsers, Wallets and Accounts
New research from Varonis Threat Labs reveals Storm infostealer, a malicious subscription service that bypasses Google Chrome encryption.…
287 Chrome Extensions Caught Harvesting Browsing Data from 37M Users
New investigation by Q Continuum reveals 287 Chrome extensions leaking the private browsing data of 37.4 million users to firms like Similarweb and Alibaba. Learn how these harmless tools turn your history into a product.
16 Fake ChatGPT Extensions Caught Hijacking User Accounts
A coordinated campaign of 16 malicious GPT optimisers has been caught hijacking ChatGPT accounts. These tools steal session tokens to access private chats, Slack, and Google Drive files.
$6,000 “Stanley” Toolkit Sold on Russian Forums Fakes Secure URLs in Chrome
Say hello to Stanley, a new malicious toolkit that guarantees bypassing Google’s Chrome Web Store review process.