Nishant Sharma - Browser Security Daily (Page 4)

Browser Security

Trust Wallet Chrome Extension Breach Leads to $7M Crypto Loss

This newsletter is AI generated and may hallucinate sometimes 😊 Trust Wallet Chrome Extension Breach Causes $7 Million Crypto Loss via Malicious Code * Trust Wallet's Chrome browser extension was compromised through a supply chain attack, leading to an estimated $7 million in cryptocurrency theft from user wallets. * The attack

Browser Security

Browser AI Agent Security Fortified Against Prompt Injection

This newsletter is AI generated and may hallucinate sometimes 😊 OpenAI Fortifies ChatGPT Atlas Browser Agent Against Prompt Injection * OpenAI has implemented enhanced security measures for its ChatGPT Atlas browser agent to counteract sophisticated prompt injection attacks. * These attacks exploit hidden HTML and manipulated inputs to bypass security protocols, enabling the

Browser Security

2025 Browser Threat Review: Zero-Clicks and KEV Catalog Trends

This newsletter is AI generated and may hallucinate sometimes 😊 Zero-Click Exploits Defined 2025's Advanced Threat Landscape * Zero-click exploits, particularly those targeting messaging apps and browsers, emerged as a premier threat vector in 2025, requiring no user interaction for successful compromise. * These sophisticated attacks often target vulnerabilities within parsers,

Browser Security

Browser Security Digest: No Critical Browser-Specific Threats Identified

This newsletter is AI generated and may hallucinate sometimes 😊 Weekly Browser Security Digest: No Critical Browser-Specific Threats Reported * A thorough analysis of recent security advisories and threat intelligence reports reveals no new critical vulnerabilities or active exploit campaigns directly targeting web browsers. * This review focused on web rendering engines, JavaScript

Browser Security

Browser Threats: GoldPickaxe, Opera Neon AI Prompt Injection

This newsletter is AI generated and may hallucinate sometimes 😊 GoldPickaxe Malware Leverages Browser-in-the-Browser Attacks * The GoldPickaxe malware campaign is actively employing sophisticated "browser-in-the-browser" social engineering techniques to target both iOS and Android users. * Attackers are using this method to steal sensitive information, including facial scan data and various

Phishing

Browser Security Watch: Advanced Phishing Attacks Exploiting Microsoft 365

This newsletter is AI generated and may hallucinate sometimes 😊 Russian APTs Leverage Device Code Phishing for Microsoft 365 Account Takeovers * Russian government-backed hackers are actively employing a device code phishing technique to compromise Microsoft 365 accounts across global government, defense, energy, and intelligence sectors. * This attack bypasses traditional multi-factor authentication

Browser Security

Microsoft Edge Introduces Password Affiliation Service for Enhanced Security

This newsletter is AI generated and may hallucinate sometimes 😊 * Microsoft Edge is rolling out a new password affiliation service aimed at enhancing the security and management of saved user credentials. * This feature intelligently groups and associates passwords across different, but related, domains that belong to the same entity. * By understanding

Browser Security

Chrome Zero-Days & Firefox Malware: Emergency Browser Updates Critical

This newsletter is AI generated and may hallucinate sometimes 😊 GhostPoster Malware Found in 17 Firefox Add-ons with 50,000+ Downloads * Security researchers identified GhostPoster malware embedded within 17 malicious Firefox add-ons, which collectively accumulated over 50,000 downloads. * The malware was designed to manipulate social media platforms and engage in

Browser Security

Emergency Patches for Actively Exploited Chrome & WebKit 0-Days

This newsletter is AI generated and may hallucinate sometimes 😊 Chrome Extension "Promptease" Intercepts Millions of Users' AI Chats * The popular Chrome extension "Promptease," designed to enhance AI interactions, was found to be intercepting and transmitting millions of users' sensitive AI chatbot prompts and responses

Browser Security

Urgent Browser Updates: Chrome, Firefox, WebKit Zero-Days Patched

This newsletter is AI generated and may hallucinate sometimes 😊 Google Chrome Patches Actively Exploited Zero-Day in V8 Engine * Google released an emergency security update for Chrome, addressing a critical zero-day vulnerability (CVE-2024-XXXXX) in its V8 JavaScript engine, confirmed to be actively exploited in the wild. * This critical remote code execution

Browser Security

Browser Security Alert: Apple & Chrome 0-Days Under Active Exploit

This newsletter is AI generated and may hallucinate sometimes 😊 Apple Patches Two Critical WebKit Zero-Days (CVE-2025-3737, CVE-2025-3738) Under Active Exploitation * Apple released emergency security updates addressing two actively exploited zero-day vulnerabilities, CVE-2025-3737 (a use-after-free) and CVE-2025-3738 (a memory corruption issue), found in its WebKit browser engine. * These critical flaws were

Browser Security

Critical React Exploits Surge; AI Phishing & New AI Browser

This newsletter is AI generated and may hallucinate sometimes 😊 * New advanced phishing kits are leveraging artificial intelligence (AI) to craft highly convincing lures and employing sophisticated techniques to bypass multi-factor authentication (MFA). * These kits, such as "PermaPhish," are designed for large-scale credential theft, often targeting enterprise users and