Browser Security Roundup: Edge, Chrome Extensions, AI Phishing & React RCE
zkLogin: when ZKP is not enough
- Critical vulnerabilities discovered in zkLogin blockchain authorization, despite using zero-knowledge proofs.
- Identified flaws include JWT parsing ambiguities, weak token binding, centralization risks, and impersonation attacks.
- Zero-knowledge proofs alone do not guarantee secure authentication, due to complex web-to-blockchain translation.
Source: Brave | Date: February 13, 2026
Microsoft Edge Introduces Early Enterprise Build Validation
- Microsoft Edge is rolling out a new feature allowing enterprises to validate upcoming browser builds ahead of their official stable release.
- This pre-release validation capability enables IT administrators to test compatibility, identify potential issues, and ensure smoother deployment of critical updates and new features within their organizations.
- The initiative aims to enhance enterprise readiness and security posture by providing a proactive mechanism for feedback and mitigation before broader distribution.
Source: Microsoft 365 Roadmap | Date: February 2026
Microsoft Edge Enhances Site Permissions User Interface
- Microsoft Edge is implementing user interface improvements for managing site permissions, making it more intuitive for users to understand and control website access to device resources.
- These enhancements aim to provide greater transparency and control over privacy settings, allowing users to easily review and adjust permissions for elements like camera, microphone, and location.
- The updated interface will streamline the process of managing site-specific security configurations, thereby improving overall user security hygiene and decision-making.
Source: Microsoft 365 Roadmap | Date: February 2026
State-Backed Hackers Exploit Gemini AI for Cyber Reconnaissance and Attacks
- Google's Threat Analysis Group (TAG) has reported that state-backed hacking groups from Russia, North Korea, China, and Iran are leveraging generative AI, including Google's Gemini, for various malicious cyber operations.
- These threat actors are utilizing AI tools to craft highly persuasive phishing content, summarize vast amounts of open-source intelligence for reconnaissance, and assist in developing malicious code.
- The exploitation of AI in these attacks significantly elevates the threat landscape for browser security, as AI-generated phishing campaigns can more effectively bypass traditional defenses and manipulate user interaction with web content.
Source: Security Affairs | Date: February 13, 2026
Malicious Chrome Extensions Stealing Business Data and Browsing History Discovered
- Security researchers have uncovered a new campaign involving several malicious Chrome extensions designed to exfiltrate sensitive business data, including email content, internal documents, and comprehensive browsing history.
- These extensions employed sophisticated obfuscation techniques and abused legitimate browser APIs to discreetly gather and transmit data from compromised user accounts to attacker-controlled servers.
- The incident highlights the persistent and evolving threat posed by rogue browser extensions, urging users and organizations to maintain vigilance, regularly audit installed extensions, and adhere to a principle of least privilege.
Source: The Hacker News | Date: February 13, 2026
Critical RCE Vulnerability Found in Next-Mdx-Remote for React Server-Side Rendering
- A critical vulnerability has been identified in the `next-mdx-remote` library, enabling arbitrary code execution within React server-side rendering (SSR) environments when processing untrusted MDX content.
- This flaw allows attackers to inject malicious code through specially crafted MDX, which, upon server-side rendering, executes with the privileges of the server application, potentially leading to full system compromise.
- Developers leveraging `next-mdx-remote` should prioritize updating their installations to patched versions (e.g., 4.4.15 or 5.0.0 for Next.js 13+) to mitigate this severe remote code execution risk.
Source: CyberSecurityNews | Date: February 13, 2026
References
- Microsoft Edge: Validate Edge builds early with enterprise preview - Microsoft 365 Roadmap
- Microsoft Edge: Improvements to site permissions user interfaces - Microsoft 365 Roadmap
- Google: state-backed hackers exploit Gemini AI for cyber recon and attacks - Security Affairs
- Google Links China, Iran, Russia, North Korea to Coordinated Defense Sector Cyber Operations - The Hacker News
- Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History - The Hacker News
- Critical Vulnerability in Next-Mdx-Remote Allows Arbitrary Code Execution in React Server-Side Rendering - CyberSecurityNews