Web browsers are vital gateways that allow a company’s employees, partners and customers to access online resources, corporate systems, business applications and sensitive data, making their security a chief concern for organizations today.
The rise of hybrid work environments, increased reliance on SaaS applications and adoption of generative AI have made browsers more integral to business — and more vulnerable to threats — than ever.
“The 2025 Browser Security Report” from agentless AI and browser security vendor LayerX Security emphasized that browser extensions are organizations’ “largest unmanaged supply chain” and reported that GenAI now accounts for 32% of all corporate-to-personal data exfiltration, making it the leading vector for corporate data movement outside sanctioned environments.
Browsers are also a major attack vector. The “2025 State of Browser Security Report” from enterprise browser vendor Keep Aware found that browser-based malware accounted for 70% of all observed malware events in the previous year.
Vendors have made significant strides in recent years to safeguard browsers, and specialized security software can take browser security a step further. Yet browser security concerns remain, as evidenced by this week’s featured news stories.
Privacy browser extension captures users’ AI chatbot conversations
The Urban VPN Proxy browser extension, popular for its privacy protection claims, has been found to harvest user data from interactions with eight popular AI chatbots, including ChatGPT and Claude.
Researchers at Koi Security revealed that since version 5.5.0, the Chrome and Edge browser extension injects scripts into targeted AI platforms to intercept and exfiltrate conversation data, including prompts, responses and metadata, to Urban VPN’s servers. This data collection operates independently of the VPN functionality and cannot be disabled without uninstalling the extension.
While Urban VPN, affiliated with data broker BiScience, discloses this practice in its privacy policy, exfiltrating and selling users’ data could be viewed as at odds with the product’s reputation as a privacy protector.
Read the full story by Elizabeth Montalbano on Dark Reading.
Apple and Google issue patches for browser vulnerabilities
Apple recently patched two zero-day vulnerabilities, CVE-2025-43529 and CVE-2025-14174, which could allow arbitrary code execution via maliciously crafted web content. The flaws were in WebKit, which is used in the Safari web browser and other Apple products and applications. Both CVEs were discovered in collaboration with Google’s Threat Analysis Group and addressed via updates for iOS, iPadOS and macOS on Dec. 12.
Apple noted that these flaws might have been exploited in sophisticated attacks targeting specific individuals, potentially linked to commercial spyware.
Google patched CVE-2025-14174 in Chrome last week.
Read the full story by Alexander Culafi on Dark Reading.
Remote access Trojan provides device control and browser autofill data
The Cellik RAT as a service allows attackers to bundle malware with legitimate Android apps from the Google Play Store, creating poisoned versions for distribution. Highlighted by iVerify researcher Daniel Kelley, Cellik provides attackers with full device control, including screen streaming, keylogging, file access and browser data theft. It also features app-injection capabilities, such as creating fake login overlays to harvest credentials.
Notably, Cellik includes an automated .apk builder that wraps its payload around trusted apps, potentially bypassing Google Play Protect. Priced between $150 per month and $900 for a lifetime subscription, Cellik exemplifies the growing accessibility of advanced Android malware for low-skilled attackers, emphasizing the need for vigilance against social engineering and sideloading.
Read the full story by Alexander Culafi on Dark Reading.
Editor’s note: An editor used AI tools to aid in the generation of this news brief. Our expert editors always review and edit content before publishing.
Phil Sweeney is an industry editor and writer focused on cybersecurity topics.







