Tag: chrome

8.5 million dollars: one of the largest robberies due to a Chrome extension

The hacking of the Trust Wallet Chrome extension, which occurred in November 2025, has exposed serious vulnerabilities in the company’s security, resulting in a theft of approximately 8.5 million dollars in assets. In a post-incident analysis, Trust Wallet revealed that the secrets of its GitHub repository were exposed, allowing the attacker to access the source code of the extension and the Chrome Web Store (CWS) API key. A million-dollar theft With full access to the CWS API thanks to the leaked key, the attacker managed to […]

The hacking of the Trust Wallet Chrome extension, which occurred in November 2025, has exposed serious vulnerabilities in the company’s security, resulting in the theft of approximately 8.5 million dollars in assets. In a post-incident analysis, Trust Wallet revealed that the secrets of its GitHub repository were exposed, allowing the attacker to access the source code of the extension and the API key for the Chrome Web Store (CWS).

A million-dollar robbery

With full access to the CWS API thanks to the leaked key, the attacker was able to upload malicious versions of the extension without going through the usual Trust Wallet review process. A malicious domain, “metrics-trustwallet[.]com”, was registered, where a trojanized version of the extension was distributed, designed to steal users’ mnemonic phrases and provide unauthorized access to their wallets.

This attack occurs in a broader context of a software supply chain incident known as Sha1-Hulud. This attack has affected multiple companies, allowing attackers to introduce malicious code through commonly used development tools. The new version of this malware, Shai-Hulud 3.0, has arrived with improvements in obfuscation and reliability, which could make its detection more difficult.

In light of this event, Trust Wallet has initiated a refund claim process for the victims, handling each case individually to protect against fraud. The company has also implemented additional monitoring capabilities and controls related to its launch processes, in order to prevent future incidents of this nature.

In a message following the attack, Trust Wallet warned about a million users of its extension to update to version 2.69, after a malicious update was made available. The recovery of stolen assets and the restoration of user trust will be essential in the coming months for the platform.

Google is facing a court decision that could very well end its monopoly forever

Judge Amit Mehta of the District of Columbia has ruled that Google must share its search data with its competitors and cannot maintain exclusive search agreements, a decision that represents a significant blow to the core of the company’s business. This ruling is the result of a lawsuit filed by the Department of Justice (DOJ) in 2020, which accused Google of illegally sustaining its dominance in the search market. Google could very well stop being the best search engine out there. Mehta’s decision directly affects the way Google […]

Judge Amit Mehta of the District of Columbia has ruled that Google must share its search data with its competitors and cannot maintain exclusive search agreements, a decision that represents a significant blow to the core of the company’s business. This ruling is the result of a lawsuit filed by the Department of Justice (DOJ) in 2020, which accused Google of illegally sustaining its dominance in the search market.

Google could very well stop being the best search engine out there

Mehta’s decision directly affects the way Google operates, as its search revenue largely depends on exclusive contracts that have established the company as the default search engine on high-relevance devices, such as those from Apple, to whom it pays around 20 billion dollars a year. Although Google will be able to continue operating its Chrome browser, losing the ability to have these exclusive agreements transforms the competitive dynamics of the market.

Google has expressed its intention to appeal the judge’s decision, arguing that these restrictions will negatively impact its ability to provide an efficient service to users. The company has always maintained that its business model benefits consumers by offering quick and effective access to online information.

The court’s ruling resonates with a growing concern over monopolistic practices in the tech industry, where companies like Google have come under intense scrutiny for their dominance in multiple sectors. As the case moves toward an appeal, it could set an important precedent in the regulation of large tech companies in the United States.

The impact of this decision could change the face of the search market, fostering a more competitive ecosystem. However, it remains to be seen how the situation will develop with Google’s possible appeal and the implications this could have for its future operations and for the sector in general.

Google Chrome DOWNLOAD

Discover a vulnerability in the architecture of Chrome and Google rewards him with 250,000 dollars

Google has awarded a historic reward of $250,000 to the security researcher known as Micky for discovering a critical vulnerability in the architecture of the Chrome browser. This vulnerability made it easier for malicious websites to escape Chrome’s sandbox protection, allowing arbitrary code execution on victims’ systems. A historic reward The flaw was due to an error in Chrome’s Inter-Process Communication system, particularly within the IPCZ transport mechanism. According to the details provided, the error was in the Transport::Deserialize function, where the system did not properly validate the header.destination_type parameters before […]

Google has awarded a historic reward of $250,000 to the security researcher known as Micky for discovering a critical vulnerability in the architecture of the Chrome browser. This vulnerability made it easier for malicious websites to escape Chrome’s sandbox protection, allowing arbitrary code execution on victims’ systems.

A historic reward

The failure was due to an error in Chrome’s Inter-Process Communication system, particularly within the IPCZ transport mechanism. According to the details provided, the error was in the Transport::Deserialize function, where the system did not adequately validate the header.destination_type parameters before creating transport objects. This allowed a malicious rendering process to manipulate this parameter to impersonate a privileged broker process.

The required attack vector was a multi-step process in which a compromised renderer sent manipulative messages to take control of the browser process resources. The proof of concept of the exploit demonstrated the ability to bypass the sandbox by duplicating handles of privileged browser processes, which included full permissions to execute system commands.

The decision to grant such a high reward reflects not only the sophistication of the exploit but also Google’s commitment to incentivizing security research, especially in critical areas of its browser. The vulnerability was responsibly disclosed on April 22, 2025, and Google’s security team, led by Alex Gough, implemented fixes in May 2025. These included the removal of transitive trust from transports and the implementation of stricter validation of the reliability of endpoints within the IPCZ system.

This event underscores the importance of collaboration between security researchers and technology companies to maintain the integrity and security of digital platforms.

Google DOWNLOAD

Google releases an update for Chrome that you need right now to protect your computer

Google has recently released updates to address six security issues in its Chrome browser, highlighting a critical vulnerability classified as CVE-2025-6558, which has already been exploited in the wild. This high-severity flaw has a CVSS score of 8.8 and is related to the improper validation of untrusted inputs in Chrome’s ANGLE and GPU components. A critical browser vulnerability The vulnerability allows a remote attacker to bypass the browser’s security restrictions through a malicious HTML page. This could compromise systems without the need for users to perform downloads or […]

Google has recently released updates to address six security issues in its Chrome browser, highlighting a critical vulnerability classified as CVE-2025-6558, which has already been exploited in the wild. This high-severity flaw has a CVSS score of 8.8 and is related to improper validation of untrusted inputs in Chrome’s ANGLE and GPU components.

A critical browser vulnerability

The vulnerability allows a remote attacker to bypass the browser’s security restrictions through a malicious HTML page. This could compromise systems without the need for users to perform downloads or additional interactions. The vulnerability was discovered by Clément Lecigne and Vlad Stolyarov from Google’s Threat Analysis Group on June 23, 2025, and is considered a particular risk, as it could result in a sandbox escape, granting access to low-level operations and potentially to the user’s systems.

Although Google has not revealed the exact nature of the attacks that exploit this vulnerability, it is acknowledged that an “exploit for CVE-2025-6558 exists in the wild,” suggesting the possibility of involvement from state actors. This announcement comes shortly after Google addressed another Chrome vulnerability (CVE-2025-6554) that also had a high potential for exploitation.

Since the beginning of the year, Google has fixed five critical vulnerabilities in Chrome that have been actively exploited or have been demonstrated as proof of concept. To protect against potential threats, users are advised to update their Chrome browser to versions 138.0.7204.157 and 138.0.7204.158 for Windows and macOS, and 138.0.7204.157 for Linux. Users of other Chromium-based browsers, such as Microsoft Edge and Brave, should also apply the available patches.

Google Chrome DOWNLOAD

Apple already knows what it will do if they are forced to abandon Chrome: use AI in this way

Apple faces an uncertain landscape following the recent remedies phase in the antitrust trial in the United States that examines the agreement between Google and the Cupertino company. This agreement, which establishes Google as the default search engine in Safari, brings Apple approximately $20 billion a year, accounting for about 5% of its annual revenue. However, this economic relationship could be jeopardized if it is confirmed that Google holds a dominant position in the market. Apple’s $20 billion bet: what would happen if the agreement with […]

Apple faces an uncertain landscape following the recent remedies phase in the antitrust trial in the United States that examines the agreement between Google and the Cupertino company.

This agreement, which establishes Google as the default search engine in Safari, brings Apple approximately 20 billion dollars a year, which represents about 5% of its annual revenue.

However, this economic relationship could be compromised if it is confirmed that Google holds a dominant position in the market.

Apple’s $20 billion bet: what would happen if the deal with Google falls through?

During the trial, Eddy Cue, Apple’s vice president of services, stated that the company has viable alternatives if the agreement with Google breaks. Among these options are artificial intelligence-powered search engines developed by companies like OpenAI and Anthropic.

Cue mentioned that, although these engines are not expected to be default on iPhone, iPad, and Mac devices, they represent an innovative and potentially lucrative approach for the future of searches on Apple.

Recently, Apple has begun collaborating with OpenAI to integrate ChatGPT into Siri, although this agreement has not brought immediate economic benefits. However, the possibility of a financial agreement with Anthropic, focused on developing artificial intelligence for development tools in Xcode, opens a new door for monetization in this sector.

The integration of AI-based search technologies could offer users personalized alternatives, and the arrival of competitors like SearchGPT is changing the traditional dynamics of the search market.

As the trial progresses, speculation about a possible dismantling of Google’s operations, including the sale of assets like Chrome, emerges as a scenario that could have profound implications for the company. Meanwhile, Apple seems to maintain a calm stance, although the pressure on Google is intensifying.

OpenAI is interested in acquiring Chrome if Google is forced to sell it

OpenAI has expressed its interest in acquiring the Chrome browser if Google is forced to sell it as a result of an antitrust lawsuit against the company. Nick Turley, product manager at OpenAI, stated during a hearing in Washington, D.C., that the startup is ready to consider purchasing the world’s most popular browser, should the court decide on that measure as part of the sanctions against Google. Judge Amit Mehta is the one who will determine the actions to be taken against Google, after a previous ruling found that the company maintained an illegal monopoly in […]

OpenAI has expressed its interest in acquiring the Chrome browser if Google is forced to sell it, following an antitrust lawsuit against the company.

Nick Turley, product manager at OpenAI, stated during a hearing in Washington, D.C., that the startup is ready to consider the purchase of the world’s most popular browser, in case the court decides on that measure as part of the sanctions against Google.

Judge Amit Mehta is the one who will determine the actions to be taken against Google, after a previous ruling found that the company maintained an illegal monopoly in the field of online searches.

The judge’s decision could force Google to sell Chrome to OpenAI

The lawyers for the United States government have requested that Google be forced to sell its Chrome browser, arguing that artificial intelligence could further increase its dominance in the internet search sector.

Google’s response has been vigorous, claiming that the Department of Justice (DOJ) proposal is excessive and beyond the scope of the case. According to Kent Walker, Google’s president of global affairs, the DOJ’s interventionist agenda could harm citizens and compromise the United States’ technological leadership on the global stage.

A Bloomberg analyst has estimated that the sales value of Chrome could exceed 15 billion dollars, a significant number given that the browser has more than 3 billion users.

During his testimony, Turley also mentioned that OpenAI had attempted to integrate its search technology into ChatGPT, but it was rejected by Google, reflecting the competitive tensions in the development of artificial intelligence in the tech sector.

The DOJ’s case against Google for its dominance in online searches was filed in 2020 and, following the decision in August 2024 against Google, the company has appealed.

Microsoft announces that Edge will finally be useful for something: watching guides while you play

Edge is not the most beloved browser among users. Microsoft knows this. Even if Windows comes with it already installed, the first thing everyone does is download their trusted browser. Generally Chrome, the more daring ones choose Firefox, and those who understand choose Opera. But practically no one sticks with Edge, compared to the base of devices on which it is installed. And Microsoft wants to change that. Microsoft Edge wants to be your new favorite tool for gaming. Microsoft has announced Edge Game Assist. A feature that allows using Edge as part of the overlay of the Game Bar, allowing us […]

Edge is not the most beloved browser among users. Microsoft knows this. Even if Windows comes with it already installed, the first thing everyone does is download their trusted browser. Generally Chrome, the more daring ones choose Firefox, and those who understand choose Opera. But practically no one sticks with Edge, compared to the base of devices on which it is installed. And Microsoft wants to change that.

Microsoft Edge wants to be your new favorite tool for gaming

Microsoft has announced Edge Game Assist. A feature that allows using Edge as part of the Game Bar overlay, enabling us to use it within our video games. And what is it for? So that, within compatible video games, it suggests guides, tips, and tricks for each specific moment of the game we are in. Making our lives easier. And not needing to exit to the desktop to look it up in our usual browser.

By placing it at the top of the screen, we can ensure it is visible at all times. And while it may not be the most comfortable way to play, it does ensure that we always have the guide in view if we get stuck in a game. This is especially useful when it also allows us to do the same with gameplay videos from YouTube.

Game Assist shares browser data and cookies from the full version of Edge, aiming for players to make the permanent switch to using this browser. This is also why they have added services like Discord, Spotify, and Twitch integrated within it, so they can be used while gaming. Something that Opera GX already does, with greater control over the resources it uses. And also, with a greater market penetration. Although not installed on every Windows computer by default.

Game Assist, at launch, will be compatible with nine games. These games are Baldur’s Gate 3, Diablo IV, Fortnite, Hellblade II: Senua’s Saga, League of Legends, Minecraft, Overwatch 2, Roblox, and Valorant. And while we expect this list to grow over time, it seems Microsoft has something good in hand.

Microsoft Edge DOWNLOAD

Google Chrome wants to help you reduce annoying notifications on your mobile

Google Chrome seems to be focusing on improving the user experience in 2024, which is quite significant considering that it is currently the most used browser. Therefore, Chrome will try to reduce notifications to users, as they can often become very annoying.

In this way, Chrome continues to consolidate the path it wants to take this year by improving the usability and convenience of users, something that rivals like Firefox are also currently doing. Therefore, they could not stay behind in this type of advances.

Google Chrome Download

Helping to reduce notifications

As Chromium has revealed, Google is working on the possibility for users to disable notification sending by the application. They could already be managed individually, but the possibility of a single button being able to disable all notifications of content by the application will help many users have a cleaner notification interface on their smartphone.

In addition, this option can be reversed whenever desired, so you don’t have to worry if you deactivate all notifications at once and later you want to activate them again. With this, Google gives the user greater control over what they want to see on their device.

Battle against cookies

On the other hand, Google Chrome is also running for this 2024 to offer a new browsing model, which is more beneficial for users tired of cookies, and that preserves privileges for websites and their data collections. Google wants to eradicate third-party cookies from the network, and for this it has a meticulous plan that is already starting to put to the test on selected users.

If it works as expected, it could mean that browsing becomes a much more satisfying experience, especially after cookie banners, despite helping manage user privacy, have made browsing much more annoying. Therefore, if Google succeeds in making the cookieless model thrive, where each session already has pre-collected data so that websites don’t have to use them, it could mean a permanent change in internet browsing as we know it today.

Google Chrome Download

Google Chrome plans to get rid of third-party cookies in its new version

Google Chrome will take a giant step forward in its version 120 by getting rid of third-party cookies. This version, which is already being tested for beta users, will select users from certain markets to test what browsing experience would be like without the cookies that websites leave on our devices.

At the moment, this is a test that Google will conduct through Chrome 120’s beta version, but they do not rule out the possibility of implementing a browsing experience without the presence of third-party cookies on our systems in the future.

Chrome Beta DOWNLOAD

Chrome Beta Against Cookies

The beta version of Chrome, which would be Chrome 120, aims to test in selected markets what a browsing experience without third-party cookies would be like. It might be inconvenient for certain users who have to log in daily for work-related reasons, but Google wants to test how this approach would work to envision a hypothetical future without third-party cookies in the browser.

Furthermore, currently, it is being tested in the beta version, so this will primarily be tested by beta users in specific markets. It is unclear whether, if the final version of Chrome 120 is perfected, this cookie test would be conducted on a larger scale. If they see positive results, it is possible that by 2024, the way we browse could change permanently.

Google Chrome on mobile devices leads by a significant margin compared to other browsers.

The advancements in web browsers

The web browser sector is red-hot when it comes to updates. Microsoft Edge is making significant changes to its browser and aims to increase its popularity. Other options like the open-source Vivaldi browser are becoming more appealing in the industry.

The fundamental functioning of web browsers hasn’t changed much over the years, but the quality of the services they encompass has improved considerably. Especially considering the capabilities of mobile devices, all companies competing in the browser sector strive to become stronger brands. However, Google Chrome continues to hold the crown in terms of popularity.

Chrome Beta DOWNLOAD

PassKeys arrives in the stable version of Chrome

After some testing in the unstable version (Chrome Canary), PassKeys is becoming a reality in the stable Chrome environment. It’s set to change the way we access our online accounts so that we don’t have to insert a password anymore. However, that also means you’ll need a mobile device around you if you plan to sign in to any social or online platform.

The move to include PassKeys on Chrome is to improve online security. As you may recall, many browsers, including Google’s, suffered from major hacks in the past. While the password managers were meant to be safe, these hackers still managed to log into accounts and steal valuable credentials.

PassKeys provides a solution to this problem. When you try to log into an online account, it stores a secret in the cloud. With this measure in place, you’ll need to have your mobile device in hand to access the account with this secret. That means that it doesn’t matter if hackers somehow discover these secret PassKeys. Without your smartphone or tablet, they can’t do anything with it.

Chrome stable releases PassKeys

Right now, PassKeys is only compatible with a few devices. They’re still working on Android and macOS compatibility, but the issue is with Windows. You can only use it with Windows 11, which forms a minority of Microsoft OS users at the moment. Since 70% are still using Windows 10, PassKey availability will be limited.

It seems to be a step in the right direction, but only time will tell. Even if PassKeys provides a more secure way of logging in, that doesn’t mean you can relax. You still need to make sure you remain safe online and don’t try to enter phishing sites. At least you’ll have one less thing to worry about as long as you can work out how the PassKey system works.