Microsoft is opting to stand pat and not fix a content security bypass vulnerability in its Edge browser, something researchers warn could potentially lead to the disclosure of confidential information.

An IDN homograph attack leveraging Adobe’s brand has been discovered, with the malicious site spreading the Betabot backdoor

A malware campaign utilizing bogus “HoeflerText” popup warnings is back in full swing targeting Google Chrome and Firefox browsers with Locky ransomware attacks and the NetSupport Manager RAT.

The Onliner spambot, Google’s forthcoming Not Secure warnings for Chrome, the WireX botnet, Sarahah privacy and more are discussed.

Researchers warn a retooled ‘Jimmy’ Nukebot no longer steals bankcard data, rather focuses on avoiding detection as it downloads malicious modules.

Google fixed 30 vulnerabilities, including five high severity issues, in the latest version of Chrome, Chrome 59, on Monday.

Starting with Chrome 62, Google will start marking any HTTP page where users may enter data, and any HTTP page visited in incognito mode

Mike Mimoso and Chris Brook discuss the news of the week, including last Friday’s ShadowBrokers dump – how Microsoft learned of the vulnerabilities, how they were patched by Oracle, along with Microsoft ditching passwords, and a new car dongle hack.

Google fixed a vulnerability that could’ve let an attacker carry out phishing attacks with Unicode domains in Chrome but Mozilla is holding off – for now.

University researchers created a browser-based JavaScript that leverages a phone’s smart device sensor data to steal PINs.