Tag: browser-security

Chrome Extensions Go Rogue After Ownership Transfer: Weekly Security Roundup

Two Chrome extensions became malicious following ownership transfers, allowing attackers to inject code and steal user data. Meanwhile, mid-market organizations continue struggling to achieve enterprise-level security postures amid increasing supply chain attack awareness.

Mar 9, 2026The Hacker News, SANS ISC

chrome-extensionssupply-chainmalware

🇺🇸Google

highMalware & Threats

Threat Landscape Roundup: Zero-Day Surge, State Actor Campaigns, and Multi-Million Dollar Fraud Operations

Google's threat intelligence reveals 90 zero-day vulnerabilities were actively exploited in 2025, with nearly half targeting enterprise infrastructure. Concurrently, state-sponsored groups continue targeting telecommunications providers while cybercriminals execute multi-million dollar fraud schemes through business email compromise and cryptocurrency theft.

Mar 6, 2026BleepingComputer, Cisco Talos, Malwarebytes Labs, SecureList (Kaspersky)

zero-dayaptmalware

🇺🇸Google

criticalVulnerabilities & Exploits

Google Patches Zero-Day CSS Vulnerability in Chrome

Google released emergency Chrome update addressing CVE-2026-2441, a zero-day CSS vulnerability reportedly exploited in active attacks.

Feb 18, 2026Hacker News (filtered)

zero-daychromecss

🇺🇸Google