Google's Password Alert extension for Chrome, which was released on Wednesday, has received its first critical security update less than 24 hours later, as infosec consultant Paul Moore came up with a simple exploit that bypasses it.
Google developers have created Password Alert, an open source Chrome extension that aims to prevent users from entering their Google password in a phishing site or, alternatively, alert them when they did so and urge them to change their password.
The recent DDoS attacks aimed at GreatFire, a website that exposes China's internet censorship efforts and helps users get access to their mirror-sites, and GitHub, the world's largest code hosting service, have been linked to the Great Cannon, an attack tool co-located with the Great Firewall of China.
Google has released Chrome 42 to the stable channel, and among the changes announced is one that will automatically block Oracle's Java plugin and other plugins that use the old NPAPI (Netscape Plugin API).
Dutch infosec firm Fox IT has spotted a lage scale malvertising campaign that seems to originate from Bulgarian Google ad reseller EngageLab.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.