Latest news with #VsevolodKokorin
The Irish Sun
18-05-2025
- The Irish Sun
Alert for ALL Google Chrome users to ‘relaunch' browsers now – or device could be hijacked by worrying ‘zero-day' flaw
GOOGLE Chrome users have been warned to urgently update their browsers to avoid a potential cyber attack. The tech giant has issued an alert to anyone who uses the browser on their PC. Advertisement 1 Google Chrome had a worrying glitch that could lead to hijacking Credit: Getty A concerning bug has been found on the popular app which could lead to hijacking of your device. The bug has been given a "zero-day" mark which indicates that the vulnerability is being actively used by hackers in the wild. Google has acted swiftly to address the issue and has now patched the browser to prevent it from any further attacks. Google said: "Google is aware of reports that an exploit for CVE-2025-4664 exists in the wild. Advertisement read more on tech "The Stable channel has been updated to 136.0.7103.113/.114 for Windows, Mac and 136.0.7103.113 for Linux which will roll out over the coming days/weeks." However, the fix will only work after it has been downloaded and installed on your browser. Vsevolod Kokorin, a security researcher at Solidlab, was the first to discover this most recent Chrome issue and confirmed that it may result in an account takeover by cybercriminals. It is now crucial to make sure you are using the most recent version of Chrome if you use it as your primary web browser. Advertisement Most read in Tech Live Blog To accomplish this, just select "About Chrome" after clicking on the Chrome in the toolbar. Make sure you have rebooted your browser to the latest version as soon as possible. Mobile phone users never have to make calls AGAIN as Google launches bizarre new tool for appointments and more It comes just hours after Google users have been alerted to check their accounts or And it's especially worthwhile if you've ever used and want to remember key places visited in the past. Advertisement has been warning users for sometime that changes are coming soon. Google Maps has a The tool is especially handy for remembering special spots, such as where you met a partner or a fancy restaurant you once visited. The tech giant is moving things around so data is kept on-device instead of in the cloud. Advertisement Failure to act will result in users losing this past data. That deadline is now here, set for today.
Scottish Sun
18-05-2025
- Scottish Sun
Alert for ALL Google Chrome users to ‘relaunch' browsers now – or device could be hijacked by worrying ‘zero-day' flaw
Click to share on X/Twitter (Opens in new window) Click to share on Facebook (Opens in new window) GOOGLE Chrome users have been warned to urgently update their browsers to avoid a potential cyber attack. The tech giant has issued an alert to anyone who uses the browser on their PC. Sign up for Scottish Sun newsletter Sign up 1 Google Chrome had a worrying glitch that could lead to hijacking Credit: Getty A concerning bug has been found on the popular app which could lead to hijacking of your device. The bug has been given a "zero-day" mark which indicates that the vulnerability is being actively used by hackers in the wild. Google has acted so swiftly to address the issue and has now patched the browser to prevent it from any further attacks. Google said: "Google is aware of reports that an exploit for CVE-2025-4664 exists in the wild. "The Stable channel has been updated to 136.0.7103.113/.114 for Windows, Mac and 136.0.7103.113 for Linux which will roll out over the coming days/weeks." However, the fix will only work after it has been downloaded and installed on your browser. Vsevolod Kokorin, a security researcher at Solidlab, was the first to discover this most recent Chrome issue and confirmed that it may result in an account takeover by cybercriminals. It is now crucial to make sure you are using the most recent version of Chrome if you use it as your primary web browser. To accomplish this, just select "About Chrome" after clicking on the Chrome in the toolbar. Make sure you have rebooted your browser to the latest version as soon as possible. Mobile phone users never have to make calls AGAIN as Google launches bizarre new tool for appointments and more It comes just hours after Google users have been alerted to check their accounts or risk losing their data forever. And it's especially worthwhile if you've ever used Google Maps and want to remember key places visited in the past. Google has been warning users for sometime that changes are coming soon. Google Maps has a Timeline feature - previously known as Location History - which keeps a record of any you've been to via the app. The tool is especially handy for remembering special spots, such as where you met a partner or a fancy restaurant you once visited. The tech giant is moving things around so data is kept on-device instead of in the cloud. Failure to act will result in users losing this past data. That deadline is now here, set for today.
The Sun
18-05-2025
- The Sun
Alert for ALL Google Chrome users to ‘relaunch' browsers now – or device could be hijacked by worrying ‘zero-day' flaw
GOOGLE Chrome users have been warned to urgently update their browsers to avoid a potential cyber attack. The tech giant has issued an alert to anyone who uses the browser on their PC. 1 A concerning bug has been found on the popular app which could lead to hijacking of your device. The bug has been given a "zero-day" mark which indicates that the vulnerability is being actively used by hackers in the wild. Google has acted so swiftly to address the issue and has now patched the browser to prevent it from any further attacks. Google said: "Google is aware of reports that an exploit for CVE-2025-4664 exists in the wild. "The Stable channel has been updated to 136.0.7103.113/.114 for Windows, Mac and 136.0.7103.113 for Linux which will roll out over the coming days/weeks." However, the fix will only work after it has been downloaded and installed on your browser. Vsevolod Kokorin, a security researcher at Solidlab, was the first to discover this most recent Chrome issue and confirmed that it may result in an account takeover by cybercriminals. It is now crucial to make sure you are using the most recent version of Chrome if you use it as your primary web browser. To accomplish this, just select "About Chrome" after clicking on the Chrome in the toolbar. Make sure you have rebooted your browser to the latest version as soon as possible. Mobile phone users never have to make calls AGAIN as Google launches bizarre new tool for appointments and more It comes just hours after Google users have been alerted to check their accounts or risk losing their data forever. And it's especially worthwhile if you've ever used Google Maps and want to remember key places visited in the past. Google has been warning users for sometime that changes are coming soon. Google Maps has a Timeline feature - previously known as Location History - which keeps a record of any you've been to via the app. The tool is especially handy for remembering special spots, such as where you met a partner or a fancy restaurant you once visited. The tech giant is moving things around so data is kept on-device instead of in the cloud. Failure to act will result in users losing this past data. That deadline is now here, set for today.
Yahoo
17-05-2025
- Yahoo
Chrome patched this bug, but CISA says it's still actively exploited
When you buy through links on our articles, Future and its syndication partners may earn a commission. Google patched a new Chrome bug recently Now, CISA added that vulnerability to KEV, signaling abuse in the wild Federal agencies have three weeks to update Chrome The US Cybersecurity and Infrastructure Security Agency (CISA) added a new Chrome bug to its Known Exploited Vulnerabilities (KEV) catalog, signalling abuse in the wild, and giving Federal Civilian Executive Branch (FCEB) agencies a deadline to patch things up. The flaw is tracked as CVE-2025-4664. It was recently discovered by security researchers Solidlab, and is described as an 'insufficient policy enforcement in Loader in Google Chrome'. On NVD, it was explained that the bug allowed remote threat actors to leak cross-origin data via a crafted HTML page. "Query parameters can contain sensitive data - for example, in OAuth flows, this might lead to an Account Takeover. Developers rarely consider the possibility of stealing query parameters via an image from a 3rd-party resource,' researcher Vsevolod Kokorin, who was attributed with discovering the bug, explained. 60% off for Techradar readers With Aura's parental control software, you can filter, block, and monitor websites and apps, set screen time limits. Parents will also receive breach alerts, Dark Web monitoring, VPN protection, and antivirus. Preferred partner (What does this mean?)View Deal The flaw was first uncovered on May 5, with Google coming back with a patch on May 14. The browser giant did not discuss if the flaw was being exploited in real-life attacks, but it did state that it had a public exploit (which basically means the same thing). Now, with CISA adding the bug to KEV, FCEB agencies have until June 5 to patch their Chrome instances or stop using the browser altogether. The first clean versions are 136.0.7103.113 for Windows/Linux and 136.0.7103.114 for macOS. In many cases, Chrome would deploy the update automatically, so just double-check which version you're running. "These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," CISA warned. Indeed, the web browser is one of the most frequently targeted programs, since it handles untrusted data from countless sources around the web. Cybercriminals are always looking for vulnerabilities in browser code, plugins, or poorly secured websites, in an attempt to grab login credentials, or other ways to compromise the wider network. Via BleepingComputer Solar grids could be hijacked and even potentially disabled by these security flaws Take a look at our guide to the best authenticator app We've rounded up the best password managers
Daily Mirror
16-05-2025
- Daily Mirror
Everyone using Chrome must check their web browser now - don't ignore new alert
Chrome users are being urged to check their browser immediately. Google has just released an urgent Chrome update, and it's definitely not something users of this popular web browser should ignore. It's been confirmed that the latest download from the US technology giant fixes a bug that's been found within the application. Although that may not sound like a reason to go dashing to the settings and installing a new version of Chrome there's an important reason why users must act as soon as possible. It's been revealed that the issue has been given the dreaded zero-day stamp. That basically means hackers are already aware of the flaw and have been actively exploiting it in the wild. This is why Google has rushed to fix things so quickly. "Google is aware of reports that an exploit for CVE-2025-4664 exists in the wild," Google said in a Wednesday security advisory. The gremlin was initially found by Solidlab security researcher Vsevolod Kokorin, who says the flaw could eventually lead to an account takeover by cyber thieves. "Query parameters can contain sensitive data - for example, in OAuth flows, this might lead to an Account Takeover. Developers rarely consider the possibility of stealing query parameters via an image from a 3rd-party resource," Kokorin explained. If you use Chrome, it's now vital to check you are running the very latest version. "The Stable channel has been updated to 136.0.7103.113/.114 for Windows, Mac and 136.0.7103.113 for Linux which will roll out over the coming days/weeks," Google confirmed. Most users are already seeing this update in their settings so check now and reboot your browser without delay.
