The popular Google Chrome browser has some of the best security tools baked in with features such as Safebrowsing which protects users from malicious websites. By extension, ChromeOS which powers the affordable Chromebooks is indeed one of the safest systems one can get these days.

Even though the surface of attack is smaller than that of a typical Windows PC, online crooks will always find a way to abuse the system. One of the main points of entry is via rogue browser extensions which are increasingly becoming a problem and are being leveraged in various types of attacks ranging from data theft, spying, pop up ads and more.

Anyone who likes to use their computer as a release, pay attention because your secret browsing might not be quite so secret. A bug has been discovered meaning that users of Google Chrome with Nvidia graphics chips don't always get Incognito Mode, even when the machine says it's on.

The rub of the story came from blogger charliehorse55 who explained that after a furious session of present buying, he decided to play Diablo III and was confronted, not with the loading screen, but an unloading screen showing all of the presents. It turns out this is just the tip. Nvidia GPUs don't flush the memory buffer at the end of a browsing session, and neither does Google Chrome.

The AVG Web TuneUp Chrome extension, forcibly added to Google Chrome browsers when users were installing the AVG antivirus, had a serious flaw that allowed attackers to get the user's browsing history, cookies, and more.

The vulnerability was discovered by Google Project Zero researcher Tavis Ormandy, who worked with AVG for the past two weeks to fix the issue. As he explains in his bug report, the AVG Web TuneUp extension, which lists over nine million users on its Chrome Web Store page, was vulnerable to trivial XSS attacks. Attackers aware of this problem would have been able to access a user's cookies and browsing history.

At the MobilePwn2Own, a Chinese expert has demonstrated how to hijack an Android smartphone by exploiting a zero-day flaw in the Chrome browser. The Chinese expert has demonstrated how to hijack an Android smartphone by exploiting a flaw in the Chrome browser.

The compromised device was running the latest version of the Android OS and the hacker exploited a JavaScript v8 flaw through the Chrome browser. Gong hijacked a Google Project Fi Nexus 6 running the Android 6.0 Marshmallow and with all applications up-to-date gaining complete control of the smartphone.

Over the past decade, there's been a privacy arms race between unscrupulous website operators and browser makers.

The former wield an ever-changing lineup of so-called zombie cookies that can't be easily deleted and attacks that sniff thousands of previously visited sites, while browser makers aim to prevent such privacy invasions by closing the design weaknesses that make them possible. Almost as soon as one hole is closed, hackers find a new one. Over the weekend, a researcher demonstrated two unpatched weaknesses that Web masters can exploit to track millions of people who visit their sites.

Chrome, Google’s web browser is said to have problems in incognito mode in its Android version and some of user’s online behavior is stored in history as a consequence.

Google’s Chrome web browser,right from its debut has faced criticism because it uses the WebKit Engine which uses lot of RAM and slows down the machine. Now a bug has been reported in Chrome browser in Android version in its  Incognito mode. The Incognito mode was introduced in 2012 by Google for its Chrome browser, a feature now present in all of its variants, on Android, iOS, Mac, Linux, and Windows.

You can crash the latest version of Google Chrome with a simple tiny URL. Just rolling your mouse over it in a page, launching it from another app such as an email client, or pasting it into the address bar, will kill either that tab or the whole browser.

It's perfect for pranking friends by sending it to them in emails and messages. What's cool about this bug is that it triggers a fatal exception rather than the usual memory access violation error caused by an overrun buffer, heap corruption, or similar – even in released code. This means some part of the executable was reached that the programmers never expected normal users to hit.

From almost 250 security flaws reported for the top 20 software solutions with the most number of vulnerabilities discovered in the first month of the year, Google Chrome came at the head of the list, according to a security service company.

Google is dedicated to increasing the safety of all its products to such an extent that sometimes cybercriminals focus their efforts on exploiting flaws on other platforms. The large amount of flaws recorded for the web browser can be explained by the fact that third-parties are incentivized by the company’s Security Reward Programs to find new ways to bypass protections implemented in Chrome.

The Chrome browser is generally considered the most secure Web browser, and it also tends to do the best in hacking competitions. This is in part thanks to the solid security architecture of Chrome, and to its security engineers, who keep adopting strong security designs and policies.

There's always a compromise between security and flexibility/freedom to do something. Security is very much about reducing the attack vectors, which generally means reducing the freedom to use some features. Some of those security decisions can go too far sometimes, such as the decision to only allow Chrome extensions to be installed from the Chrome store, when there could have been alternative solutions that are not as restrictive.