Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

Google Chrome enables default warnings for insecure HTTP public websites

Security Tool/Service
First reported
Last updated
Happening score
H score 10
2 unique sources, 2 articles

Summary

Hide ▲

Google Chrome will begin warning users by default before opening insecure HTTP public websites, reducing exposure to MITM attacks and attacker-controlled navigation. The change turns on Always Use Secure Connections by default, so users are more likely to land on HTTPS versions of sites or approve an exception before proceeding. Google says the rollout starts with Chrome 154 in October 2026, after an earlier staged enablement for over 1 billion users in April 2026.

Related Happenings

Google Chrome 149 security update

Security Patch Release
H score28 First: 12.06.2026 12:27 Last: 12.06.2026 12:27 Sources 1

About this happening: Google rolled out **Chrome 149** for **Windows, macOS, and Linux**, resolving **28 critical and high-severity vulnerabilities**. The update reduces risk from browser compromise, m...

Open Happening

Google security patch release for CVE-2026-11645

Security Patch Release
H score56 First: 09.06.2026 09:56 Last: 09.06.2026 09:56 Sources 1

About this happening: **Google** released **emergency Chrome updates** to fix **CVE-2026-11645**, a **zero-day** that had already been **exploited in the wild**. The patched release covers **Chrome Sta...

Open Happening

Chrome V8 JavaScript engine out-of-bounds read/write zero-day exploited in the wild (CVE-2026-11645)

Vulnerability
H score45 First: 09.06.2026 09:56 Last: 09.06.2026 09:56 Sources 1

About this happening: **Google** has patched **CVE-2026-11645**, a **Chrome V8 JavaScript engine** zero-day that was **exploited in the wild** and could let remote attackers run code inside the browser...

Open Happening

Google security patch release for CVE-2026-10881

Security Patch Release
H score26 First: 06.06.2026 10:28 Last: 06.06.2026 10:28 Sources 1

About this happening: Google shipped **Chrome 149** with patches for **429 security bugs**, including **CVE-2026-10881** in **ANGLE**, creating a broad browser update for users on **Linux, Windows, and...

Open Happening

Google Chrome DBSC rolls out session-cookie theft protection for all users

Security Tool/Service
H score10 First: 29.05.2026 15:08 Last: 29.05.2026 15:08 Sources 1

About this happening: Google's **Chrome Device Bound Session Credentials (DBSC)** is now **generally available** and rolling out to **all users**, reducing the risk of **account takeovers** from stolen...

Open Happening

Timeline

  1. 28.10.2025 19:00 2 articles · 7mo ago

    Google Chrome enables default warnings for insecure HTTP public websites

    Initial Disclosure

    Chrome will first enable **Always Use Secure Connections** for public sites for **over 1 billion users** in **April 2026** through **Chrome 147**. That staged phase is meant to surface sites that still rely on HTTP before the default warning change in **Chrome 154**.

    Show sources
    Open in new tab