browser - Security Ticks

Your browser tab could become encrypted storage for someone else’s files

browser, cybersecurity, data, Don't miss, Encryption, Features, Hot stuff, News, research, storage / SecurityTicks

Your browser tab could become encrypted storage for someone else’s files 2026-06-19 at 08:30 By Mirko Zorz Decentralized storage networks already hand pieces of people’s data to strangers’ machines. The lasting question across these networks is whether the machine holding the data can read it. A research paper by Gregory Magarshak, a professor at IENYC, […]

Your browser tab could become encrypted storage for someone else’s files Read More »

Websites can spy on user activity by analyzing SSD behavior

attack, browser, News, research / SecurityTicks

Websites can spy on user activity by analyzing SSD behavior 2026-05-29 at 14:08 By Sinisa Markovic Websites have spent years collecting information about visitors through browser fingerprinting, tracking scripts, and other techniques designed to identify devices and monitor behavior. Researchers have demonstrated another method that relies on something most users would never expect a website

Websites can spy on user activity by analyzing SSD behavior Read More »

To counter cookie theft, Chrome ships device-bound session credentials

browser, Chrome, cookies, credentials, Malware, News, online tracking, Privacy / SecurityTicks

To counter cookie theft, Chrome ships device-bound session credentials 2026-04-10 at 14:45 By Mirko Zorz Cookie theft follows a well-established pattern. Infostealer malware infiltrates a device, extracts authentication cookies, and exfiltrates them to an attacker-controlled server. Because cookies often have extended lifetimes, attackers can access accounts without passwords, then bundle and sell the stolen credentials.

To counter cookie theft, Chrome ships device-bound session credentials Read More »

Firefox is getting a free built-in VPN

browser, Firefox, News, VPN / SecurityTicks

Firefox is getting a free built-in VPN 2026-03-18 at 15:24 By Sinisa Markovic Mozilla is adding a free built-in VPN to Firefox, with the feature arriving in Firefox 149 on March 24. Privacy concerns often follow free VPN services, especially when unclear data practices put user information at risk. Mozilla says its version is grounded

Firefox is getting a free built-in VPN Read More »

Microsoft Edge 146 adds IP privacy and local network access controls

browser, Microsoft, Microsoft Edge, News, Privacy, update / SecurityTicks

Microsoft Edge 146 adds IP privacy and local network access controls 2026-03-16 at 15:10 By Anamarija Pogorelec Microsoft Edge version 146 (Stable) became available on March 13, 2026, bringing updates to tracking protection, IP privacy, and enterprise network security policies. One change affects tracking prevention in InPrivate browsing. InPrivate windows use the same tracking prevention

Microsoft Edge 146 adds IP privacy and local network access controls Read More »

Firefox to let users manage and block AI features

Artificial Intelligence, browser, Firefox, News / SecurityTicks

Firefox to let users manage and block AI features 2026-02-03 at 15:15 By Sinisa Markovic Mozilla will add a set of controls in Firefox that let users manage and block GenAI features in the desktop browser. The controls will be included in Firefox version 148 on February 24, 2026. “We believe choice is more important

Firefox to let users manage and block AI features Read More »

Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions

browser, Chrome, cybersecurity, Data Protection, Incogni, News, Privacy, report, risk / SecurityTicks

Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions 2026-01-28 at 08:15 By Anamarija Pogorelec A new study shows that some of the most widely used AI-powered browser extensions are a privacy risk. They collect lots of data and require a high level of browser access. The research was conducted by

Grammarly and QuillBot are among widely used Chrome extensions facing serious privacy questions Read More »

Fake browser crash alerts turn Chrome extension into enterprise backdoor

browser, Chrome, Chrome Web Store, Don't miss, enterprise, extension, Hot stuff, Huntress, Microsoft Edge, News, Remote Access Trojan, social engineering, Socket / SecurityTicks

Fake browser crash alerts turn Chrome extension into enterprise backdoor 2026-01-19 at 17:21 By Zeljka Zorz Browser extensions are a high-risk attack vector for enterprises, allowing threat actors to bypass traditional security controls and gain a foothold on corporate endpoints. Case in point: A recently identified malicious extension called NexShield proves that a single user

Fake browser crash alerts turn Chrome extension into enterprise backdoor Read More »

Browser agents don’t always respect your privacy choices

browser, cyber risk, Don't miss, Features, LLMs, News, Privacy, research / SecurityTicks

Browser agents don’t always respect your privacy choices 2025-12-22 at 08:49 By Sinisa Markovic Browser agents promise to handle online tasks without constant user input. They can shop, book reservations, and manage accounts by driving a web browser through an AI model. A new academic study warns that this convenience comes with privacy risks that

Browser agents don’t always respect your privacy choices Read More »

New “HashJack” attack can hijack AI browsers and assistants

AI, browser, Chrome, Comet, data theft, Don't miss, Edge, Google, Hot stuff, Microsoft, News, Perplexity, phishing / SecurityTicks

New “HashJack” attack can hijack AI browsers and assistants 2025-11-26 at 14:18 By Zeljka Zorz Security researchers at Cato Networks have uncovered a new indirect prompt injection technique that can force popular AI browsers and assistants to deliver phishing links or disinformation (e.g., incorrect medicine dosage guidance or investment advice), send sensitive data to the

New “HashJack” attack can hijack AI browsers and assistants Read More »

SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability

AI, Artificial Intelligence, browser, Comet, controversy, Featured, Perplexity, SquareX, Vulnerabilities, vulnerability / SecurityTicks

SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability 2025-11-21 at 13:20 By Eduard Kovacs SquareX claims to have found a way to abuse a hidden Comet API to execute local commands, but Perplexity says the research is fake. The post SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability appeared first on SecurityWeek. This

SquareX and Perplexity Quarrel Over Alleged Comet Browser Vulnerability Read More »

Security gap in Perplexity’s Comet browser exposed users to system-level attacks

agentic AI, AI, API security, browser, Don't miss, Hot stuff, News, Perplexity, research, SquareX, vulnerability / SecurityTicks

Security gap in Perplexity’s Comet browser exposed users to system-level attacks 2025-11-20 at 17:56 By Zeljka Zorz There is a serious security problem inside Comet, the AI-powered agentic browser made by Perplexity, SquareX researchers say: Comet’s MCP API allows the browser’s built-in (but hidden from the user) extensions to issue commands directly to a user’s

Security gap in Perplexity’s Comet browser exposed users to system-level attacks Read More »

The browser is eating your security stack

Artificial Intelligence, browser, cybersecurity, identity management, LayerX, News, report, SaaS / SecurityTicks

The browser is eating your security stack 2025-11-13 at 07:39 By Anamarija Pogorelec Employees log into SaaS platforms, upload files, use AI tools, and manage customer data from a single tab. While the browser has become the enterprise’s main workspace, it remains largely outside the reach of security controls. According to the 2025 Browser Security

The browser is eating your security stack Read More »

Hackers Target Perplexity Comet Browser Users

browser, cybercrime, Perplexity Comet / SecurityTicks

Hackers Target Perplexity Comet Browser Users 2025-10-24 at 17:56 By Ionut Arghire Shortly after the browser was launched, numerous fraudulent domains and fake applications were discovered. The post Hackers Target Perplexity Comet Browser Users appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Hackers Target Perplexity Comet Browser Users Read More »

AI Sidebar Spoofing Puts ChatGPT Atlas, Perplexity Comet and Other Browsers at Risk

AI, Artificial Intelligence, browser, ChatGPT Atlas, extension, Featured, Perplexity Comet / SecurityTicks

AI Sidebar Spoofing Puts ChatGPT Atlas, Perplexity Comet and Other Browsers at Risk 2025-10-23 at 17:10 By Eduard Kovacs SquareX has shown how malicious browser extensions can impersonate AI sidebar interfaces. The post AI Sidebar Spoofing Puts ChatGPT Atlas, Perplexity Comet and Other Browsers at Risk appeared first on SecurityWeek. This article is an excerpt

AI Sidebar Spoofing Puts ChatGPT Atlas, Perplexity Comet and Other Browsers at Risk Read More »

What your browser knows about you, from contacts to card numbers

Bing, Brave, browser, Chrome, cybersecurity, DuckDuckGo, Edge, News, Opera, Privacy, report, Safari, Surfshark, Tor / SecurityTicks

What your browser knows about you, from contacts to card numbers 2025-05-09 at 13:06 By Anamarija Pogorelec Chrome and Safari are the most popular browser apps, accounting for 90% of the mobile browsers market share, according to Surfshark. They also collect the most data. Chrome: the most data-hungry browser (Source: Surfshark) The most data-hungry browsers

What your browser knows about you, from contacts to card numbers Read More »

Browser extensions make nearly every employee a potential attack vector

browser, Chrome, cyber risk, Edge, Firefox, LayerX, News, report, survey / SecurityTicks

Browser extensions make nearly every employee a potential attack vector 2025-04-16 at 07:12 By Help Net Security Despite being present on virtually every employee’s browser, extensions are rarely monitored by security teams or controlled by IT, according to LayerX. Most extensions have access to sensitive data 99% of enterprise users have at least one extension

Browser extensions make nearly every employee a potential attack vector Read More »

Best practices for ensuring a secure browsing environment

browser, cookies, cybersecurity, Don't miss, Features, Hot stuff, Menlo Security, News, opinion, patching, Privacy, update / SecurityTicks

Best practices for ensuring a secure browsing environment 2025-01-03 at 07:36 By Mirko Zorz In this Help Net Security interview, Devin Ertel, CISO at Menlo Security, discusses how innovations like AI and closer collaboration between browser vendors and security providers will shape the future of browser security. The post Best practices for ensuring a secure

Best practices for ensuring a secure browsing environment Read More »

How to enable Safe Browsing in Google Chrome on Android

browser, Chrome, cybersecurity, Google, News, tips / SecurityTicks

How to enable Safe Browsing in Google Chrome on Android 2024-10-24 at 06:03 By Help Net Security To safeguard your data, Google Chrome uses Safe Browsing to protect you from: harmful websites and extensions, malicious or intrusive advertisements, malware, phishing attacks, and social engineering threats. Safe Browsing scans and evaluates websites to identify potentially harmful

How to enable Safe Browsing in Google Chrome on Android Read More »

Browser backdoors: Securing the new frontline of shadow IT

browser, cybersecurity, Don't miss, Expert analysis, Expert corner, extension, Hexnode, Hot stuff, News, opinion, shadow IT / SecurityTicks

Browser backdoors: Securing the new frontline of shadow IT 2024-08-13 at 07:31 By Help Net Security Browser extensions are a prime target for cybercriminals. And this isn’t just a consumer problem – it’s a new frontier in enterprises’ battle against shadow IT. Ultimately, more extension permissions result in potentially bigger attack surfaces. Research shows that

Browser backdoors: Securing the new frontline of shadow IT Read More »