Chrome 143 has been released with patches addressing 13 vulnerabilities, including a critical flaw in the V8 JavaScript engine. This update is crucial for maintaining the security of users against potential exploits targeting these vulnerabilities.
Articles tagged "Google"
Found 117 articles
SCM feed for Latest
The 2025 State of Cloud Security report highlights a significant cybersecurity threat due to the prevalence of outdated cloud identities, with 59% of AWS IAM users and 55% of Google Cloud service accounts having active keys older than one year. This creates a substantial attack surface, increasing the risk of unauthorized access and potential breaches.
Help Net Security
Google has addressed 51 vulnerabilities in Android, including two high-severity flaws (CVE-2025-48633 and CVE-2025-48572) that are potentially under targeted exploitation. Both vulnerabilities impact the Android Framework, which is essential for app development, and could allow malicious applications to access sensitive information.
Albiriox is a new banking trojan developed by Russian cybercriminals, marketed through a malware-as-a-service model for a monthly fee. This malware poses a significant threat to Android users by targeting banking information and financial transactions, highlighting the ongoing risks associated with mobile malware.
Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More
Cato Networks has identified a new vulnerability known as HashJack, which exploits the '#' symbol in URLs to execute malicious commands in AI browsers. While Microsoft and Perplexity have addressed this flaw, Google's Gemini remains vulnerable, highlighting a significant risk for users of that platform.
The Hacker News
A malicious Chrome extension named Crypto Copilot has been identified, capable of injecting hidden Solana transfer fees into swap transactions, redirecting funds to an attacker's wallet. This poses a significant threat to users engaging in cryptocurrency transactions on the Raydium platform, highlighting the need for vigilance against browser-based threats.
The Hacker News
This week, significant cybersecurity threats emerged as hackers exploited new 0-day vulnerabilities in Fortinet and Chrome, infiltrating supply chains and SaaS tools. The rapid response from major companies like Microsoft, Salesforce, and Google highlights the severity of these attacks and the ongoing challenges in securing trusted applications and software updates.
All CISA Advisories
CISA has identified that various cyber threat actors are using commercial spyware to target users of mobile messaging applications, employing tactics such as phishing, zero-click exploits, and impersonation. The focus is primarily on high-value individuals including government and military officials, indicating a serious threat to sensitive communications.
Google has updated its Quick Share service to enable compatibility with Apple's AirDrop, facilitating easier file sharing between Android and iPhone devices. This feature is currently available for the Pixel 10 lineup and is expected to expand to other devices in the future.
The newly identified Sturnus Banking Trojan is currently under development and primarily targets messaging applications like WhatsApp, Telegram, and Signal, with a focus on users in Europe. This poses a significant risk to user privacy and security as it aims to exploit sensitive communications.
The Sturnus Android banking trojan poses a significant threat by enabling credential theft and complete device takeover for financial fraud. Its unique capability to bypass encrypted messaging by capturing decrypted content directly from the device screen raises serious concerns about user privacy and security.
CISA has added CVE-2025-13223, a Google Chromium V8 Type Confusion Vulnerability, to its Known Exploited Vulnerabilities Catalog due to evidence of active exploitation. This vulnerability poses significant risks to federal enterprises, prompting CISA to urge timely remediation by all organizations to mitigate potential cyberattacks.