Google Chrome ships WebMCP in early preview, turning every website into a structured tool for AI agents

Google and Microsoft's new WebMCP standard lets websites expose callable tools to AI agents through the browser — replacing costly scraping with structured function calls.
eWeek

Fake AI Chrome Extensions Exposed 260,000 Users, Targeting Gmail

Over 260,000 users installed fake AI Chrome extensions that used iframe injection to steal browser and Gmail data, exposing ...
The Hacker News

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Microsoft details a new ClickFix variant abusing DNS nslookup commands to stage malware, enabling stealthy payload delivery and RAT deployment.
The Hacker News

New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released

Google fixes actively exploited Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw enabling sandboxed remote code execution.

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...

Google patches first Chrome zero-day exploited in attacks this year

Google has released emergency updates to fix a high-severity Chrome vulnerability exploited in zero-day attacks, marking the ...

Google promotes Chrome 146 to the beta channel with WebNN support, Sanitizer API, and more

Chrome 146 is now in beta, bringing new features like WebNN and the Sanitizer API that could land in the stable release in a ...
SecurityWeek

Over 300 Malicious Chrome Extensions Caught Leaking or Stealing User Data

More than 300 Chrome extensions were found to be leaking browser data, spying on users, or stealing user information.