Claude Opus wrote a Chrome exploit for $2,283

In a blog post on Wednesday, Mohan Pedhapati (s1r1us), CTO of Hacktron, described how he used Opus 4.6 to create a full ...
The Hacker News

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

According to Socket, the extensions (complete list here) are published under five distinct publisher identities – Yana ...

I finally quit Chrome for an open source browser, and I'm not looking back

I wish I had switched to this open source browser sooner ...

Google Chrome security flaw: Government flags bugs found in recent version; here's what you need to know and do

CERT-In flags multiple vulnerabilities in Google Chrome that could allow remote code execution and data theft, urging users ...
InfoWorld

Tap into the AI APIs of Google Chrome and Microsoft Edge

The Chrome and Edge browsers have built-in APIs for language detection, translation, summarization, and more, using locally ...

LinkedIn secretly scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan ...
The American Bazaar

Cybersecurity firm identifies 108 malicious Chrome extensions affecting 20,000 users

All 108 route stolen credentials, user identities, and browsing data to servers controlled by the same operator," Security Researcher Kush Pandya said in an analysis ...

108 Google Chrome Extensions Are Stealing User Data, Over 20,000 Users Affected

Collectively, the extensions amassed about 20,000 installs in the Chrome Web Store. All 108 extensions route stolen ...

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google patches 21 Chrome vulnerabilities, including an actively exploited zero-day flaw that could enable code execution and ...
Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...

Chrome 147 patch fixes 60 security flaws, including 2 critical ones

The latest update for Google Chrome patches 60 security vulnerabilities, including 2 critical buffer overflows in WebML.

LinkedIn Accused Of Tracking Users Through BroweserGate Scripts, All You Need To Know

Recent findings indicate that LinkedIn may not be as trustworthy as previously thought. A report from Fairlinked eV, corroborated by Bleeping Computer, reveals that LinkedIn injects a JavaScript ...