Latest news with #Chrome
Time of India
9 hours ago
- Time of India
Apple releases critical security updates to patch Chrome zero-day vulnerability
Apple has rolled out an urgent security patch fro iOS 18.6, iPadOS 18.6, macOS Sequoia 15.6, and other operating systems to address a critical zero-day vulnerability that has been actively exploited in attacks targeting Google Chrome users. The flaw identified as CVE-2025-6558 enable remote hackers to execute an arbitrary code via crafted HTML pages enabling them to bypass browser's security sandbox. As reported by Bleeping Computers, the vulnerability stems from an insufficient validation of untrusted input within the ANGLE (Almost Native Graphics Layer Engine) and GPU components, which are shared open-source graphics abstraction layers. Google's Threat Analysis Group (TAG) discovered the flaw in June and reported it to the Chrome team, who patched it on July 15, confirming active exploitation in the wild. While the primary exploitation observed has been against Chrome users, Apple confirmed that its software was also affected due to the shared code. For Safari users, the vulnerability could lead to unexpected browser crashes when processing malicious web content. Devices receiving the patch: by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like 15 Most Beautiful Women Ever Paperela Undo iOS 18.6 and iPadOS 18.6: iPhone XS and newer, iPad Pro and other recent models macOS Sequoia 15.6: All Macs running the latest OS tvOS 18.6, visionOS 2.6, and watchOS 11.6: Covering Apple TV, Vision Pro, and Apple Watch Series 6 onward iPadOS 17.7.9: Older iPad Pro and iPad 6th generation models The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has also added CVE-2025-6558 to its catalog of known exploited vulnerabilities, urging federal agencies and all network defenders to prioritise patching their systems immediately. AI Masterclass for Students. Upskill Young Ones Today!– Join Now
Yahoo
9 hours ago
- Business
- Yahoo
LayerX collaborates with Google Chrome Enterprise to further protect enterprises' extension security
MOUNTAIN VIEW, Calif., July 31, 2025 (GLOBE NEWSWIRE) -- LayerX Security, the leader in protecting organizations against malicious browser extensions, has integrated its industry-leading extension risk scoring directly into Chrome for Enterprises. This new integration will enable Chrome Enterprise customers to get real-time visibility of the threat profile of every Chrome extension installed in their environment and restrict risky extensions. For each extension, LayerX's proprietary algorithms analyze a wide range of details, including extensions' access permissions, publisher information, usage, and more. Moreover, LayerX uses innovative techniques to identify malicious code in browser extensions. Enterprises use LayerX's technology to assess the threat posed by each extension and take remediation actions to block risky or malicious ones. As browsers increasingly serve as the operating system for work, the security posture of browser extensions has never been more important. Extensions play a central role in productivity and workflow customization for most enterprise users. According to the LayerX 2025 Enterprise Browser Extension Security Report, browser extensions are widely used across almost all enterprise users: a full 99% of enterprise users have at least one browser extension installed in their browser, and 53% of enterprise users have more than ten browser extensions. One of the evolving challenges is that, while extensions deliver tremendous value, their powerful capabilities often require broad permissions to deliver their intended functionality. LayerX's research finds that over half of extensions installed in enterprise environments require 'High' or 'Critical' level access, and more than one in ten can access user cookies. This underscores the need for thoughtful governance and transparency to protect sensitive business data, support compliance, and maintain user trust without restricting the flexibility that makes extensions so useful. Another factor shaping this landscape is the diversity and reach of the extension developer ecosystem. According to LayerX data, most extension developers have published only a single extension. This diversity drives innovation, but also highlights the need for enterprise-grade visibility and risk assessment tools, helping organizations make informed security decisions. This is exactly where the new collaboration between Google and LayerX comes in: LayerX's extension risk scoring data helps organizations understand the risks associated with each extension, assess the reputation of its publisher, and decide whether this extension should be allowed or disallowed - all within a single, holistic risk score. As part of the collaboration, LayerX's risk scores will now be integrated into the management dashboard of Chrome Enterprise, providing detailed risk assessment for every extension. Whenever an organization examines the extensions installed in users' Chrome browsers, the overall risk score of each extension will be displayed directly in the Chrome Enterprise dashboard. Customers can then get a detailed drill-down through the LayerX ExtensionPedia, with full extension technical details, publisher information, and in-depth risk scoring. "Chrome Enterprise and LayerX are both committed to bringing businesses the most secure browsing experience, without impacting how users get their work done,' says Or Eshed, co-founder and CEO of LayerX. 'For customers, this collaboration offers unmatched 'better together' benefits for browser security, bringing together the industry's best browser with the industry's best browser protection.' The browser extension risk scores by LayerX are available immediately to all Chrome Enterprise customers. Users can also use the LayerX ExtensionPedia, the Browser Extension Risk Database and Knowledge Center, which is freely available to all users. About LayerXLayerX is the leading provider of browser security solutions that protect enterprise data in the modern work environment. Purpose-built to secure SaaS access, GenAI usage, and browser-based workflows, LayerX enables enterprises to gain granular visibility and control at the point of risk: the browser. ContactsBusiness: press@ Media: dmontner@ Montner Tech PR
Engadget
10 hours ago
- Business
- Engadget
1Password deal: Get 50 percent off plans for the back-to-school season
1Password is running a notable back-to-school sale in the middle of July, but the deals more than make up for the chronological discrepancy. Many subscription plans are half off until September 12. This includes the Individual and Families plans. That brings the price of the Individual plan down to $18 for a year and the Families plan down to $30 for a year. The plans are nearly identical, but the Families plan accommodates five additional people. These discounts are only available to new customers and the prices expire after the year, so set a reminder to cancel or reassess. The Families plan is also on sale. $18 at 1Password This provider actually topped our list of the best password managers, and for good reason. We appreciated the intuitive interface and the fact that it's available on most platforms, so you'll never be left out in the cold. These include Chrome, Firefox, Safari, Edge, macOS, iOS, Windows, Android and more. Subscriptions include industry standard encryption and a "secret key" that only you know on top of a master password. There's also two-factor authentication and the platform issues alerts when credentials have potentially been compromised. The only downside here is the one that accompanies many password managers. There is no free version. Obviously, this won't be an issue for the year, but it could once the plan runs out. Follow @EngadgetDeals on X for the latest tech deals and buying advice .
Android Authority
11 hours ago
- Android Authority
Google will soon fix a security loophole in Chrome's password autofill
Mishaal Rahman / Android Authority TL;DR Google Chrome on Android will let you require biometric authentication before autofilling passwords, adding a much-needed layer of security. This feature closes a loophole, as the existing biometric protection for autofill in Google Password Manager currently only applies to apps, not the browser. A newly discovered setting explicitly states this protection is 'coming soon to Chrome,' finally preventing password autofill without user verification. Manually entering passwords is a pain, which is why many people use autofill services bundled with password managers to save time. For better security, you should require biometric authentication before autofilling passwords. This prevents thieves who steal your phone from signing into accounts that aren't already logged in. Unfortunately, Google Chrome on Android currently autofills passwords without any form of authentication, but that will soon change. If you use Google Password Manager, you may have noticed the 'Authenticate with biometrics before filling passwords' option under Settings > Google > Autofill with Google > Preferences. As its name implies, this setting prevents Google Password Manager from autofilling passwords until you verify your identity with your face or fingerprint. Unfortunately, this protection only applies to apps and doesn't work in web browsers like Google Chrome, even though Chrome uses the same autofill service by default. Mishaal Rahman / Android Authority Fortunately, Google is finally addressing this long-standing oversight. Telegram user Micha told us the 'authenticate with biometrics before filling passwords' option has disappeared from their Autofill with Google preferences. Instead, they now see a new 'Verify it's you to autofill passwords' option at the bottom of Google Password Manager's main settings page. Although the toggle has been relocated and renamed, it provides the same protection. However, its new description contains a promising detail: 'For added protection, always use your fingerprint, face, or other screen lock when you sign in using autofill (coming soon to Chrome)' My colleague Hadlee Simons also has this new toggle, so he shared the following screenshot with me: Hadlee Simons / Android Authority This description confirms that Chrome will soon require your fingerprint, face, or screen lock to autofill passwords. While it's unclear whether this single setting will apply to Chrome or if the browser will get its own toggle, this is a much-needed security improvement. Back in October, we reported that Google Chrome would block password autofills if your phone is stolen. That protection builds on Android's Identity Check feature, which forces biometric authentication when your phone is in an untrusted location. While Google has yet to integrate Identity Check into Chrome, the new toggle we've spotted seems to enable a broader protection that applies regardless of your phone's location. Follow
News18
16 hours ago
- News18
Microsoft's AI Browser Is Here: Copilot Mode Is The AI Agent For All Your Tasks
Microsoft is bringing is AI-powered browser to Edge with the help of Copilot which gets a new mode for users. Microsoft's AI agents are now making their way to the Edge browser in the form of Copilot mode which is being pilot tested in an experimental phase starting this week. You've heard a lot about AI agents in the past few months so it was obvious that Microsoft will have its own version for the web browser Edge and its users. The new mode is being built into the Edge browser that can handle tasks like organise content across all the tabs, and take help of AI to let you book restaurants or even plan a trip. Microsoft Edge AI Agent On Browser: How It Works We've seen AI agents take over web browsers, something that both Chrome with Gemini and Comet with Perplexity AI offer for users. Now, Copilot Mode is integrating some form of GPT with Edge browser to give people more reasons to try out the new-gen Edge browser that comes by default on Windows PCs. The company is also working on its own Vision with Copilot where it will seek your permission to use the camera on the PC or other devices as well as access your web history to screen through tasks in a personalised way. More importantly, the AI agent with Copilot will get voice navigation support so that you don't need to type the prompt and just tell the command with your voice. Using the new AI version in Edge is easy. Just open the web browser on your PC and you will be greeted on the screen, asking, 'How can I help you today? Google has shown us the power of AI which is now enabled in Search for millions of users with the AI Mode. Microsoft is doing its Copilot Mode version in the same manner. Speaking of AI, OpenAI has a ChatGPT 5 version launching soon in the market and the early signs have brought about some concerns from none other than Sam Altman, the chief of the ChatGPT maker. He has been quoted saying some worrying things about the upcoming AI chatbot version, which he says, 'feels very fast," than the previous iterations. Altman was speaking in a podcast recently, where he decided to tease the world with these concerning details and not sharing the actual technical bits about the ChatGPT 5 model and what features people can expect to roll out. view comments First Published: July 31, 2025, 12:26 IST Disclaimer: Comments reflect users' views, not News18's. Please keep discussions respectful and constructive. Abusive, defamatory, or illegal comments will be removed. News18 may disable any comment at its discretion. By posting, you agree to our Terms of Use and Privacy Policy.
