All CosmicBytez Labs articles tagged #Chrome, across news, security advisories, how-to guides, and projects.
Threat actors linked to North Korea's Contagious Interview campaign have published 108 malicious packages and browser extensions across npm, Packagist,...
The Court of Justice of the European Union has dismissed Google's final appeal against a €4.1 billion antitrust fine, confirming that the company...
Microsoft uncovered a fake Perplexity AI Chrome extension that silently captured every search query and address bar keystroke, routing the data to an...
Security researchers at Island discovered that 'Adblock for YouTube,' a Chrome extension with over 10 million installs and a Featured badge, contains a...
Both Google and Mozilla have released urgent browser updates addressing multiple memory safety vulnerabilities, including critical-severity flaws that...
This week's security roundup covers an actively exploited Chrome zero-day, attackers abusing UniFi network controllers, fresh macOS infostealer campaigns,...
A critical out-of-bounds read and write vulnerability in the Chromium V8 engine allows remote attackers to execute arbitrary code inside a sandbox via a...
An autonomous AI security agent found 21 previously unknown vulnerabilities in FFmpeg, the media library powering countless applications. The same week…
Google has released Chrome 148 with patches for 151 security vulnerabilities, including critical-severity flaws that could allow remote code execution....
Google accidentally leaked information about an unpatched Chromium vulnerability that allows JavaScript to continue running in the background even after...
A CVSS 9.6 critical use-after-free vulnerability in the GPU component of Google Chrome prior to 147.0.7727.138 allows a remote attacker to potentially...
Microsoft released patches for 167 security vulnerabilities in April 2026, including an actively exploited SharePoint Server zero-day and the publicly...
This week's cybersecurity roundup covers the proposed Satellite Cybersecurity Act, a $90,000 Chrome heap overflow bug, a 16-year-old hacker arrest,...
This week's biggest cybersecurity stories: a North Korean supply chain attack hit the Axios npm package, a new Chrome zero-day under active exploitation,...
SentinelOne intercepts a LiteLLM supply chain attack in real time, attackers weaponize the Axios npm package to deploy a cross-platform RAT, and a Chrome...
Google has patched the fourth Chrome zero-day vulnerability actively exploited in attacks this year, a use-after-free flaw in the Dawn graphics engine...
Google has released a Chrome security update patching 21 vulnerabilities including a high-severity use-after-free zero-day in the Dawn graphics engine...
A high-severity heap buffer overflow in Chrome's GPU component allows remote attackers to execute arbitrary code via a crafted HTML page. Affects all...
A new infostealer named VoidStealer bypasses Chrome's Application-Bound Encryption by attaching a remote debugger to the browser process and using the...
Google activates ML-KEM post-quantum key encapsulation by default in Chrome 134 and announces migration timeline for all Google Cloud TLS connections.