Advertisement
Google Chrome DBSC: Preventing Account Takeover via Cookie Theft
Google Chrome rolls out Device Bound Session Credentials (DBSC) to protect users from session hijacking by cryptographically binding cookies to hardware.
Google Chrome ABE Bypass: Heightened Infostealer Threat
VoidStealer Trojan authors bypass Google Chrome's App-Bound Encryption (ABE), enabling infostealers to exfiltrate cookies and credentials from users.
April 2026 Patch Tuesday: SharePoint Zero-Day, BlueHammer, & Adobe RCE
Microsoft's April 2026 Patch Tuesday addresses 167 vulnerabilities, including a SharePoint Server zero-day, Windows Defender 'BlueHammer' flaw, and an actively exploited
Google Chrome 146 DBSC Implementation Hardens Windows Against Session Hijacking
Google releases Device Bound Session Credentials (DBSC) in Chrome 146 for Windows to mitigate cookie theft and session hijacking via hardware-backed security.
VoidStealer: Bypassing Chrome ABE via Remote Debugging Protocol
VoidStealer malware uses a novel debugger technique to bypass Google Chrome’s Application-Bound Encryption and exfiltrate browser-stored credentials.
Google Patches Chrome Zero-Days CVE-2026-3909 in Skia and V8
Google addresses two high-severity Chrome zero-days, including CVE-2026-3909, exploited in the wild via Skia and V8. Learn how to secure your browser now.
CVE-2026-0628: Chrome Gemini Panel Exploit Enables Privilege Escalation
A high-severity flaw in Google Chrome's Gemini side panel allowed malicious extensions to bypass security policies and access local files on target systems.
Chrome Gemini Live Hijacking: Malicious Extension Vulnerability
A vulnerability in Google Chrome’s Gemini Live AI assistant allowed malicious extensions to hijack sessions and steal user files. Learn more about the impact.
Google’s Path to Quantum-Safe Chrome HTTPS via Merkle Tree Certificates
Google is developing Merkle Tree Certificates (MTCs) for Chrome to transition the web toward post-quantum cryptography and enhance HTTPS certificate security.