The Hacker News

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and ...
SecurityWeek

Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant

A Chrome vulnerability allowed malicious extensions to hijack the browser’s Gemini Live assistant to spy on users and ...
SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...

Google Ships WebMCP, The Browser-Based Backbone For The Agentic Web

Google ships WebMCP protocol, letting websites expose structured functions to AI agents and reducing computational overhead ...

Google Chrome ships WebMCP in early preview, turning every website into a structured tool for AI agents

Google and Microsoft's new WebMCP standard lets websites expose callable tools to AI agents through the browser — replacing ...

QuickLens Chrome extension steals crypto, shows ClickFix attack

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was ...
InfoWorld

WinterTC: Write once, run anywhere (for real this time)

The unified JavaScript runtime standard is an idea whose time has come. Here’s an inside look at the movement for server-side JavaScript interoperability.
InfoWorld

WebMCP API extends web apps to AI agents

W3C proposal backed by Google and Microsoft allows developers to expose client-side JavaScript tools to AI agents, enabling ...
Dark Reading

Bug in Google's Gemini AI Panel Opens Door to Hijacking

Attackers could have exploited the vulnerability to escalate privileges, violate user privacy while browsing, and access sensitive resources ...

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC

A bug in Google Chrome's Gemini AI feature could expose your data or allow attackers to monitor you. Here's how to stay protected.

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 ...