Browser Security: Phishing, Chrome, and Web Flaws Detected

This newsletter is AI-generated and may sometimes hallucinate 😊

Starkiller Phishing Suite Bypasses MFA with AiTM Reverse Proxy

  • The Starkiller phishing suite uses Adversary-in-the-Middle (AiTM) reverse proxy techniques to bypass multi-factor authentication (MFA) protections.
  • This sophisticated campaign intercepts user credentials and authenticated session cookies, allowing attackers to hijack legitimate user sessions.
  • Organizations face an escalating threat from such AiTM phishing tools, which render traditional MFA alone insufficient against determined adversaries.

Source: The Hacker News | Date: March 03, 2026

Microsoft Warns of OAuth Redirect Abuse Delivering Malware

  • Microsoft has alerted users to phishing campaigns that exploit OAuth redirect URI vulnerabilities to distribute malware, primarily targeting government entities.
  • Attackers leverage legitimate OAuth application flows to redirect unsuspecting users to malicious websites or trigger direct malware downloads.
  • This technique capitalizes on the implicit trust in OAuth processes, underscoring the need for rigorous validation of redirect URIs and enhanced user awareness.

Source: The Hacker News | Date: March 03, 2026

Chrome Gemini Panel Flaw Allows Privilege Escalation for Rogue Extensions

  • A security vulnerability within Google Chrome's Gemini panel allowed rogue browser extensions to escalate their privileges unexpectedly.
  • This flaw provided an avenue for malicious extensions to bypass Chrome's stringent sandboxing, gaining unauthorized access to sensitive user data and interactions via the AI assistant.
  • The issue highlights critical security concerns regarding the integration of AI features with core browser functionalities without robust isolation.

Source: The Register | Date: March 03, 2026

High-Severity XSS Flaw in Angular i18n Creates Web Backdoors

  • A high-severity Cross-Site Scripting (XSS) vulnerability was identified in the Angular i18n internationalization module.
  • This flaw permits attackers to inject malicious scripts into language translation files, effectively creating backdoors within Angular-based web applications.
  • Successful exploitation could lead to session hijacking, sensitive data exfiltration, or arbitrary code execution within the user's browser environment.

Source: SecurityOnline.info | Date: March 03, 2026

Phishing Campaigns Exploit OAuth Redirection to Bypass Security Defenses

  • New phishing campaigns are actively exploiting vulnerabilities in OAuth redirection mechanisms to circumvent established security protocols and gain illicit access.
  • Attackers are manipulating legitimate OAuth flows to misdirect users to fraudulent pages, facilitating credential harvesting and enabling session hijacking attacks.
  • This sophisticated tactic underscores the need for organizations to implement robust security measures for OAuth authentication and continuous user awareness training.

Source: Security Affairs | Date: March 03, 2026

Chrome Flaw via Gemini Live Assistant Enabled Unauthorized Spying

  • A recently discovered security flaw in Google Chrome allowed malicious extensions to leverage the Gemini Live assistant for unauthorized monitoring and data access.
  • This vulnerability created an unexpected privilege escalation path, enabling rogue extensions to circumvent Chrome's sandbox and access sensitive user interactions.
  • The incident highlights the critical importance of rigorous security evaluations for new AI integrations that interact closely with browser core functionalities.

Source: Security Affairs | Date: March 03, 2026

References

  1. Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication - The Hacker News
  2. Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets - The Hacker News
  3. Chrome Gemini panel became privilege escalator for rogue extensions - The Register
  4. High-Severity XSS Flaw in Angular i18n Turns Language Files into Backdoors - SecurityOnline.info
  5. Phishing campaign exploits OAuth redirection to bypass defenses - Security Affairs
  6. Chrome security flaw enabled spying via Gemini Live assistant - Security Affairs
