Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Google Chrome adds agentic AI protections against indirect prompt injection

Security Tool/Service
First reported
Last updated
Happening score
H score 10
1 unique sources, 1 articles

Summary

Hide ▲

Google Chrome is rolling out new protections for Gemini in Chrome to reduce indirect prompt injection risk across agentic browsing. The update adds a Gemini-based User Alignment Critic, expands origin scoping with Agent Origin Sets, and uses user confirmation before sensitive actions. The controls are meant to block goal-hijacking, data leaks, and unwanted financial transactions when the agent interacts with web content.

Related Happenings

Chromium JavaScript background RCE flaw

Vulnerability
First: 21.05.2026 21:13 Last: 21.05.2026 21:13 Sources 1

About this happening: The unfixed **Chromium** flaw keeps **JavaScript** running after the browser is closed, creating **remote code execution** risk across **Chromium-based browsers**. A malicious sit...

Open Happening

Gemini Enterprise Agent Platform launch adds agent identity, policy enforcement, and anomaly detection controls

Security Tool/Service
First: 23.04.2026 15:00 Last: 23.04.2026 15:00 Sources 1

About this happening: Google Cloud expanded **Gemini Enterprise Agent Platform** with new security controls for **AI agents**, giving organizations more visibility and policy enforcement for autonomous...

Open Happening

Google expands Gemini AI for malicious ad blocking on Google Ads

Security Tool/Service
First: 16.04.2026 18:24 Last: 16.04.2026 18:24 Sources 1

About this happening: **Google** expanded **Gemini AI** use across its ad platforms to detect and block **malicious ads** in real time, reducing scam and malvertising exposure at scale. The move matter...

Open Happening

LayerX font-rendering PoC exposes a browser-rendering gap in AI assistant analysis

Technical Analysis
First: 17.03.2026 15:59 Last: 17.03.2026 15:59 Sources 1

About this happening: A **LayerX** proof-of-concept showed that a **font-rendering attack** can hide malicious webpage commands from AI assistants, creating a risk of **unsafe guidance** when the brows...

Open Happening

Enterprise browser users AI adoption and browser-risk trends

Target Trend
First: 05.03.2026 17:01 Last: 05.03.2026 17:01 Sources 1

About this happening: Enterprise browser sessions are seeing **mainstream AI tool use**, widening the security blind spot around **employee work sessions** and increasing the risk of **sensitive data e...

Open Happening

Timeline

  1. 08.12.2025 20:00 2 articles · 5mo ago

    Chrome adds Gemini-based defenses against indirect prompt injection

    Mitigation Patch Update

    Google is rolling out layered defenses for Chrome agentic capabilities to reduce indirect prompt injection, goal-hijacking, data exfiltration, and unwanted actions. The controls add a Gemini-based User Alignment Critic that vets proposed actions using only metadata, expand Site Isolation and same-origin policy with Agent Origin Sets, require user confirmation before sensitive navigation, Google Password Manager sign-ins, purchases, payments, and messaging, and add page-level prompt-injection checks alongside Safe Browsing and scam detection.

    Show sources
    Open in new tab