Leaky Chrome extensions with 37M installs caught shipping your browsing history

Hundreds of popular add‑ons used encrypted, URL‑sized payloads to send search queries, referrers, and timestamps to outside servers, in some cases tied to data brokers and unknown operators.

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
eWeek

Fake AI Chrome Extensions Exposed 260,000 Users, Targeting Gmail

Over 260,000 users installed fake AI Chrome extensions that used iframe injection to steal browser and Gmail data, exposing ...

We let Chrome’s Auto Browse agent surf the web for us—here’s what happened

Unlike the OpenAI agent, Google’s new Auto Browse agent has extraordinary reach because it’s part of Chrome, the world’s most popular browser by a wide margin. Google began rolling out Auto Browse (in ...