July 31, 2024 at 09:08AM Google announced improved cookie protections in Chrome 127 for Windows, along with a security update resolving three vulnerabilities. The most serious defect is a critical-severity issue in the open source implementation of the WebGPU standard, and two high-severity bugs were also addressed. Google is rolling out the update and advises … Read more
May 16, 2024 at 05:09AM Google released Chrome 125 with patches for nine vulnerabilities, including high-severity bugs CVE-2024-4947 and CVE-2024-4948. Exploitation of CVE-2024-4947 could allow remote code execution, and Google acknowledged its exploitation in the wild. Updates are advised due to recent zero-day vulnerabilities. Bug bounty details have not been disclosed. From the meeting notes, … Read more
March 18, 2024 at 09:15AM Researchers from Graz University of Technology in Austria and the University of Rennes in France discovered a new graphics processing unit (GPU) attack on popular browsers and graphics cards. By using the WebGPU API, they demonstrated an attack from within a web browser using JavaScript, showing potential risks and implications … Read more
January 4, 2024 at 10:13AM Google announced the first Chrome security update of 2024, resolving six vulnerabilities, including high-severity memory safety flaws reported by external researchers. Bug bounty rewards were handed out for some of the reported flaws. The update strengthens Chrome’s defenses against exploitation and is available for macOS, Linux, and Windows. No current … Read more