Update Chrome ASAP to Patch This High-Severity Security Flaw

Google has issued a patch for a high-severity flaw that has been actively exploited in the wild—the first Chrome zero-day in ...
CSO Online

Leaky Chrome extensions with 37M installs caught divulging your browsing history

Hundreds of popular add‑ons used encrypted, URL‑sized payloads to send search queries, referrers, and timestamps to outside servers, in some cases tied to data brokers and unknown operators.

Over half a million VKontakte accounts hijacked using malicious Chrome extensions

Five extensions were doing all sorts of malicious acts, including stealing payment data.

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...
InfoQ

Chrome 144 Ships Temporal API: Advancing JavaScript Date/Time Standardisation

Chrome 144 introduces the groundbreaking Temporal API, revolutionizing date and time management in JavaScript. As a modern alternative to the criticized Date object, Temporal resolves parsing ...
InfoWorld

WebMCP API extends web apps to AI agents

W3C proposal backed by Google and Microsoft allows developers to expose client-side JavaScript tools to AI agents, enabling ...
InfoQ

OpenAI Publishes Codex App Server Architecture for Unifying AI Agent Surfaces

OpenAI has recently published a detailed architecture description of the Codex App Server, a bidirectional protocol that decouples the Codex coding agent's core logic from its various client surfaces.