Browser Security

Browser Security Alert: Chrome Patches & New Edge API

25 Nov 2025 — 2 min read

This newsletter is AI generated and may hallucinate sometimes 😊

Introducing shopping research in ChatGPT

ChatGPT now includes a shopping research feature for efficient product comparison and discovery.
Powered by GPT-5 mini, it reads trusted sites, cites sources, and uses organic public retail data.
User chats are never shared with retailers, ensuring privacy; users should verify product details.

Source: OpenAI | Date: November 24, 2025

Comet, an AI-native web browser, officially launches for Android mobile devices.
The browser features an integrated AI assistant, voice recognition, and multi-tab content summarization.
Comet includes a built-in ad blocker for privacy and offers a distraction-free browsing experience.

Source: Perplexity AI Hub | Date: November 20, 2025

Microsoft Edge is rolling out the Web Install API for testing, allowing web applications (PWAs) to be installed directly from a button click without needing a browser prompt.
This API aims to enhance user experience for Progressive Web Apps by simplifying the installation process into a single, intuitive action.
Developers can integrate the Web Install API to provide a more native and seamless installation flow for their PWAs, moving beyond traditional browser-initiated prompts.

Source: Microsoft Edge Dev Blog | Date: November 24, 2025

A critical vulnerability, CVE-2025-65108, with a CVSS score of 10.0, allows unauthenticated remote code execution (RCE) via JavaScript injection in Markdown front-matter.
The flaw leverages improper handling of untrusted input during the Markdown to PDF conversion process, allowing malicious JavaScript to execute within the conversion environment.
Successful exploitation can lead to arbitrary code execution, enabling attackers to take over affected systems or compromise sensitive data.

Source: SecurityOnline.info | Date: November 24, 2025

Google has released a stable channel update for Chrome, bringing versions to 120.0.6099.199/.200 for Windows, Mac, and Linux which will roll out over the coming days.
The update addresses several security vulnerabilities, with specific details generally available upon full public disclosure of all bugs.
Users are advised to update their Chrome browsers immediately to the latest version to incorporate the security fixes and maintain browser integrity.

Source: Chrome Releases Blog | Date: November 17, 2025

Loughborough University IT Services issued an urgent alert, advising all users to update their Google Chrome browsers immediately to safeguard against potential threats.
The alert highlights that the latest Chrome update includes critical security patches necessary to protect against serious vulnerabilities.
Failure to update could leave systems vulnerable to exploits, emphasizing the importance of applying the new stable version as soon as possible.

Source: Loughborough University IT Services | Date: November 20, 2025

Google has rolled out an emergency security update for its Chrome browser to mitigate multiple critical vulnerabilities.
This update aims to address severe security flaws that could potentially be exploited by attackers, though specific exploitation details are often withheld for broader user protection.
Users are strongly encouraged to update their Chrome installations to the latest version to ensure immediate protection against these critical issues.

Source: Cyberpress.org | Date: November 17, 2025