Bleeping Computer

VoidStealer malware steals Chrome master key via debugger trick

An information stealer called VoidStealer uses a new approach to bypass Chrome’s Application-Bound Encryption (ABE) and extract the master key for decrypting sensitive data stored in the browser. The ...

Claude Opus wrote a Chrome exploit for $2,283

In a blog post on Wednesday, Mohan Pedhapati (s1r1us), CTO of Hacktron, described how he used Opus 4.6 to create a full ...
InfoWorld

Tap into the AI APIs of Google Chrome and Microsoft Edge

The Chrome and Edge browsers have built-in APIs for language detection, translation, summarization, and more, using locally ...
Bleeping Computer

Google fixes fourth Chrome zero-day exploited in attacks in 2026

Google released emergency updates to fix another Chrome zero-day vulnerability exploited in attacks, marking the fourth such security flaw patched since the start of the year. "Google is aware that an ...
9to5google

Google says Android with Chrome is ‘fastest mobile platform for web browsing’

Google shared today that Android and Chrome have set “new performance records” for mobile web browsing. The company is specifically using the Speedometer and LoadLine benchmarks to make this “fastest ...
Security Boulevard

A fake Slack download is giving attackers a hidden desktop on your machine

This trojanized Slack installer looks normal, but quietly gives attackers an invisible desktop to access your accounts and ...
The Hacker News

⚡ Weekly Recap: Vercel Hack, Push Fraud, QEMU Abused, New Android RATs Emerge & More

Monday cybersecurity recap on evolving threats, trusted tool abuse, stealthy in-memory attacks, and shifting access patterns.
Security Boulevard

Fuzzing to Zero-Day: Pwning V8CTF With TurboFan Type Confusion, CVE-2025-2135

The bug was assigned CVE-2025-2135, and we successfully used it to pwn Google’s V8CTF as a zero-day. The root cause lies in TurboFan’s InferMapsUnsafe() function, which fails to handle aliasing when ...