Web browsers are essential gateways that allow a company’s employees, partners and customers to access online resources, corporate systems, business applications and sensitive data, making their security a top concern for organizations today.
The rise of hybrid work environments, increased reliance on SaaS applications and adoption of generative AI have made browsers more integral to business, and more vulnerable to threats, than ever.
“The 2025 Browser Security Report” from agentless AI and browser security vendor LayerX Security emphasized that browser extensions are organizations’ “largest unmanaged supply chain” and reported that GenAI now accounts for 32% of all corporate-to-personal data exfiltration, making it the main vector for corporate data movement outside sanctioned environments.
Browsers are also a major attack vector. The “2025 State of Browser Security Report” from enterprise browser vendor Keep Aware found that browser-based malware accounted for 70% of all observed malware events in the previous year.
Vendors have made significant strides in recent years to safeguard browsers, and specialized security software can take browser security a step further. Yet browser security concerns remain, as evidenced by this week’s featured news stories.
Privacy browser extension captures users’ AI chatbot conversations
The Urban VPN Proxy browser extension, popular for its privacy protection claims, has been found to harvest user data from interactions with eight popular AI chatbots, including ChatGPT and Claude.
Researchers at Koi Security revealed that since version 5.5.0, the Chrome and Edge browser extension injects scripts into targeted AI platforms to intercept and exfiltrate conversation data, including prompts, responses and metadata, to Urban VPN’s servers. This data collection operates independently of the VPN functionality and cannot be disabled without uninstalling the extension.
While Urban VPN, affiliated with data broker BiScience, discloses this practice in its privacy policy, exfiltrating and selling users’ data could be viewed as at odds with the product’s reputation as a privacy protector.
Read the full story by Elizabeth Montalbano on Dark Reading.
Apple and Google issue patches for browser vulnerabilities
Apple recently patched two zero-day vulnerabilities, CVE-2025-43529 and CVE-2025-14174, which could allow arbitrary code execution through maliciously crafted web content. The flaws were in WebKit, which is used in the Safari web browser and other Apple products and applications. Both CVEs were discovered in collaboration with Google’s Threat Analysis Group and addressed via updates for iOS, iPadOS and macOS on Dec. 12.
Apple noted that these flaws might have been exploited in sophisticated attacks targeting specific individuals, potentially linked to commercial spyware.
Google patched CVE-2025-14174 in Chrome last week.
Read the full story by Alexander Culafi on Dark Reading.
Remote access Trojan provides device control and browser autofill data
The Cellik RAT as a service allows attackers to bundle malware with legitimate Android apps from the Google Play Store, creating poisoned versions for distribution. Highlighted by iVerify researcher Daniel Kelley, Cellik provides attackers with full device control, including screen streaming, keylogging, file access and browser data theft. It also features app-injection capabilities, such as creating fake login overlays to harvest credentials.
Notably, Cellik includes an automatic .apk builder that wraps its payload around trusted apps, potentially bypassing Google Play Protect. Priced between $150 per month and $900 for a lifetime subscription, Cellik exemplifies the growing accessibility of advanced Android malware for low-skilled attackers, emphasizing the need for vigilance against social engineering and sideloading.
Read the full story by Alexander Culafi on Dark Reading.
Editor’s note: An editor used AI tools to aid in the generation of this news brief. Our expert editors always review and edit content before publishing.
Phil Sweeney is an industry editor and writer focused on cybersecurity topics.









