Browser Security

Browser Security Roundup: Malicious Extensions, Phishing Campaigns, and Key Updates

Nishant Sharma

4 min read

Vivaldi 7.7: less friction, more control

  • Vivaldi 7.7 updates Chromium engine to 142.0.7444.167, incorporating upstream security patches.
  • Redesigned Privacy Dashboard offers clearer visibility of blocked trackers and per-site management.
  • New Performance settings introduce Memory Saver options for managing inactive tabs.

Source: Vivaldi | Date: November 13, 2025

Are you paying more than other people? NY cracks down on surveillance pricing

  • "Surveillance pricing" algorithms use personal data to set individualized prices for consumers.
  • Consumers may unknowingly pay more due to data-driven pricing, raising privacy and fairness concerns.
  • New York's new Act requires disclosure of algorithmic pricing, prohibits protected class data use.

Source: Malwarebytes Labs | Date: November 13, 2025

Introducing GPT-5.1 for developers

  • GPT-5.1 introduces an 'apply_patch' tool for structured, auditable code editing, enhancing security.
  • A new 'shell' tool enables controlled command execution, requiring careful integration to prevent exploits.
  • Extended 24-hour prompt caching boosts efficiency but necessitates secure handling of sensitive data.

Source: OpenAI | Date: November 13, 2025

Malicious Chrome Extension "Safery" Steals Ethereum Wallet Seed Phrases

  • A fraudulent Chrome browser extension named "Safery" has been identified actively stealing Ethereum wallet seed phrases from unsuspecting users.
  • The malicious extension specifically targets cryptocurrency holders by leveraging the Sui blockchain to exfiltrate stolen cryptographic keys.
  • Users are strongly advised to exercise extreme caution when installing browser extensions and to meticulously verify their legitimacy to prevent significant financial losses.

Source: The Hacker News | Date: November 13, 2025

Russian Hackers Deploy 4,300 Fake Travel Sites in Widespread Phishing Campaign

  • A sophisticated Russian hacking group has established over 4,300 fraudulent travel websites designed to steal payment data from hotel guests.
  • These elaborate phishing sites are meticulously crafted to mimic legitimate hotel booking platforms, deceiving users into submitting sensitive financial and personal information.
  • This campaign underscores the pervasive threat of web-based social engineering, emphasizing the critical need for users to verify website authenticity before engaging in transactions.

Source: The Hacker News | Date: November 13, 2025

Cisco Catalyst Center Affected by Cross-Site Scripting (XSS) Vulnerability

  • A Cross-Site Scripting (XSS) vulnerability has been identified in the web-based user interface of Cisco Catalyst Center, allowing attackers to execute arbitrary script code in a user's browser context.
  • This flaw could enable various client-side attacks, including session hijacking, website defacement, or redirection to malicious external sites if an authenticated user views specially crafted content.
  • Cisco has released security updates to address this XSS vulnerability, and customers are urged to apply them promptly to secure their installations.

Source: Cisco Security Advisory | Date: November 13, 2025

Cisco Catalyst Center Vulnerable to HTTP Open Redirect

  • A HTTP Open Redirect vulnerability has been discovered in the web interface of Cisco Catalyst Center Virtual Appliance, which allows attackers to redirect users to arbitrary malicious websites.
  • This critical flaw can be leveraged in sophisticated phishing attacks to deceive users into visiting attacker-controlled domains, potentially leading to credential harvesting or malware delivery.
  • Cisco has made security updates available to resolve this vulnerability, advising all users to implement the patches to protect against redirection-based exploitation.

Source: Cisco Security Advisory | Date: November 13, 2025

Kibana Vulnerabilities Expose Users to SSRF and XSS Attacks

  • Several vulnerabilities have been identified in Kibana, including Server-Side Request Forgery (SSRF) and Cross-Site Scripting (XSS) flaws.
  • These vulnerabilities could enable attackers to execute arbitrary script code in the browser context via XSS or perform unauthorized requests from the Kibana server through SSRF.
  • Users of Kibana are strongly advised to update their installations to the latest patched versions to mitigate the significant risks associated with these web-based attack vectors.

Source: Cybersecurity News | Date: November 13, 2025

GitLab Vulnerabilities Allow Malicious Prompt Injection and Data Theft

  • Multiple vulnerabilities within GitLab, including prompt injection flaws, have been disclosed that could allow attackers to steal sensitive user data.
  • These flaws exploit how GitLab's integrated AI features process user-supplied input, potentially enabling unauthorized data extraction through manipulated prompts.
  • Organizations utilizing GitLab are urged to apply security updates immediately to protect against these vulnerabilities, which can compromise data integrity and confidentiality.

Source: Cybersecurity News | Date: November 13, 2025

November 2025 Patch Tuesday Addresses One Zero-Day and Five Critical Flaws

  • Microsoft's November 2025 Patch Tuesday release addresses a total of 63 vulnerabilities, including one actively exploited zero-day and five critical flaws.
  • The critical vulnerabilities encompass issues that could lead to remote code execution (RCE) across various Microsoft products, potentially impacting browser components like Edge.
  • Users and administrators are advised to apply all available updates promptly to mitigate risks from these actively exploited and high-severity security issues affecting Microsoft platforms.

Source: CrowdStrike | Date: November 12, 2025

Mozilla Introduces AI Integration Initiatives for Firefox

  • Mozilla is actively developing and integrating AI capabilities into the Firefox browser, emphasizing an approach centered on user privacy and open standards.
  • The initiative aims to enhance the browser experience through advanced AI features while allowing users to provide input to help shape development and ensure ethical implementation.
  • This development highlights potential shifts in how data is processed within the browser and the ongoing commitment to maintaining strong security and privacy with new AI functionalities.

Source: Mozilla Blog | Date: November 13, 2025

Microsoft Edge Introduces New WebGL Software Backend

  • Microsoft Edge is rolling out a new WebGL software backend aimed at significantly improving performance and stability for WebGL content.
  • This update is designed to enhance the user experience, particularly on devices with less powerful GPUs or in environments where hardware acceleration is restricted.
  • The new backend processes WebGL graphics through software rendering, ensuring broader compatibility and potentially mitigating hardware-specific security or stability issues.

Source: Microsoft 365 Roadmap | Date: November 14, 2025

Chrome Beta 143 Released Across All Major Platforms

  • Google has released Chrome Beta 143 for iOS, Android, Windows, macOS, and Linux, providing an early preview of upcoming features and security improvements.
  • This beta release allows developers and testers to evaluate new functionalities, identify potential issues, and report bugs before the stable version rollout.
  • Users participating in the beta program are encouraged to report any encountered issues to help Google refine the browser's stability, performance, and security posture.

Source: Chrome Releases Blog | Date: November 13, 2025

References

  1. Fake Chrome Extension “Safery” Steals Ethereum Wallet Seed Phrases Using Sui Blockchain - The Hacker News
  2. Russian Hackers Create 4,300 Fake Travel Sites to Steal Hotel Guests' Payment Data - The Hacker News
  3. Cisco Catalyst Center Cross-Site Scripting Vulnerability - Cisco Security Advisory
  4. Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability - Cisco Security Advisory
  5. Multiple Kibana Vulnerabilities Enables SSRF and XSS Attacks - Cybersecurity News
  6. Multiple GitLab Vulnerabilities Let Attackers Inject Malicious Prompts to Steal Sensitive Data - Cybersecurity News
  7. November 2025 Patch Tuesday: One Zero-Day and Five Critical Vulnerabilities Among 63 CVEs - CrowdStrike
  8. Introducing AI, the Firefox way: A look at what we’re working on and how you can help shape it - Mozilla Blog
  9. Microsoft Edge: New WebGL software backend - Microsoft 365 Roadmap
  10. Chrome Beta 143 Released for iOS, Android, Windows, Mac, and Linux - Chrome Releases Blog
  11. Chrome extension “Safery” steals Ethereum wallet seed phrases - Security Affairs

Read more