June 26, 2024 at 12:27PM Google has introduced new Chrome Enterprise Core features tailored for IT and security teams, aiming to enhance productivity and security. This development was highlighted in a post on SecurityWeek. Based on the meeting notes, it’s clear that Google has introduced new Chrome Enterprise Core features designed to benefit IT and … Read more
June 1, 2024 at 05:34PM Google plans to phase out Manifest V2 extensions in Chrome from June 3, 2024, impacting ad blockers. Manifest V3 aims to enhance security, privacy, and performance of Chrome extensions by limiting access to user network requests. This requires developers to adapt, affecting popular ad blockers like uBlock Origin, prompting the … Read more
May 19, 2024 at 01:50PM The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three vulnerabilities to its ‘Known Exploited Vulnerabilities’ catalog, one impacting Google Chrome and two affecting D-Link routers. Federal agencies have until June 6th to address these issues, including a 10-year-old vulnerability in D-Link routers. CISA has not provided further details … Read more
May 16, 2024 at 08:57AM A new zero-day vulnerability has been disclosed for Google Chrome, marking the third such bug revealed within a week. Google has released an emergency fix for the high-severity flaw (CVE-2024-4947) affecting Mac, Windows, and Linux. This type-confusion weakness in the Chrome V8 JavaScript engine can lead to browser crashes and … Read more
May 16, 2024 at 05:09AM Google released Chrome 125 with patches for nine vulnerabilities, including high-severity bugs CVE-2024-4947 and CVE-2024-4948. Exploitation of CVE-2024-4947 could allow remote code execution, and Google acknowledged its exploitation in the wild. Updates are advised due to recent zero-day vulnerabilities. Bug bounty details have not been disclosed. From the meeting notes, … Read more
May 14, 2024 at 04:11AM Google has released emergency security updates for its Chrome browser, addressing a high-severity zero-day vulnerability exploited in attacks. This comes after fixing another zero-day vulnerability just three days earlier. The latest bug, CVE-2024-4761, affects Chrome’s V8 JavaScript engine and allows out-of-bounds write issues, the sixth zero-day bug fixed in 2024. … Read more
May 6, 2024 at 05:49PM Google is introducing a new “Video Chapter” feature to Google Chrome, allowing publishers to add video chapters to embedded videos on websites. This feature, utilizing the MediaMetadata interface for the Media Session API, enables viewers to easily navigate and rewatch specific parts of a video. It will be included in … Read more
April 10, 2024 at 02:31AM Google has introduced Chrome Enterprise Premium, targeting corporate users with AI-enhanced security features for $6 monthly per user. Gartner’s prediction about browsers becoming an enterprise platform by 2030 is becoming a reality, prompting a reevaluation of browser monetization. Chrome already offers strong security, but the Premium version provides additional AI-driven … Read more
April 8, 2024 at 07:36AM Google has introduced a new sandbox to combat memory safety bugs in its Chrome V8 engine. The tech giant also included it in the bug bounty program, aiming to enhance the browser’s security. This update was featured on SecurityWeek. Based on the meeting notes, it appears that Google is implementing … Read more
April 3, 2024 at 10:15AM Google is testing Device Bound Session Credentials (DBSC) in Chrome to protect against session hijacking by malware. The feature binds authentication sessions to a device, disrupting cookie theft and making it harder to abuse stolen cookies. It uses a cryptographic approach and is initially rolled out to half of Chrome’s … Read more