New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise of at least thirty-five extensions to inject data-stealing code, including those from cybersecurity firm Cyberhaven. [more]
Google is working on a new Unrestricted WebUSB feature, which allows trusted isolated web apps to bypass security restrictions in the WebUSB API. [more]
In August we reported that Google risked a fine of NOK 51 billion in connection with Chrome's incognito mode. [more]
With Manifest V3, Google wants to make extensions safer by prioritizing privacy, but was initially criticized for the impact to ad blockers. The Chrome team has since added new features in response and is ready to disable old Manifest V2 extensions in 2024. [more]
Cloudflare has launched "Encrypted Client Hello" for website administrators using the free version of the service. That includes pirate websites. [more]