AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Critical Chrome Security Flaws Threaten Billions of Users Worldwide

Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious code. Billions of users urged to update.

Google fixes two new Chrome zero-days exploited in attacks

Google has released emergency security updates to patch two high-severity Chrome vulnerabilities exploited in zero-day attacks.
WinBuzzer

Windows 11: Microsoft Copilot Will Bypass Your Default Browser

Microsoft has updated Copilot on Windows to open web links in an in-app side pane, bypassing users' default browser settings without offering an opt-out.