Find notable cyber news and cases, enriched with sources, timelines, and signals.

Google Chrome adds User Alignment Critic for Gemini agentic browsing defense

Security Tool/Service
First reported
Last updated
Happening score
H score 11
1 unique sources, 1 articles

Summary

Hide ▲

Google is adding User Alignment Critic to Chrome for upcoming Gemini-powered agentic browsing, strengthening defenses against indirect prompt injection and unsafe browser actions. The update matters because it adds a dedicated review layer, Origin Sets, and user confirmation steps to reduce the risk of data exposure and fraudulent transactions in autonomous web tasks.

Related Happenings

Indirect prompt-injection web campaigns targeting AI agents

Campaign
H score37 First: 06.07.2026 18:00 Last: 06.07.2026 18:00 Sources 1

About this happening: **Two real-world campaigns** are using **indirect prompt injection** and **SEO poisoning** to steer **AI agents** into fraudulent actions and false legitimacy judgments. The lures...

Google Chrome DBSC rolls out session-cookie theft protection for all users

Security Tool/Service
H score10 First: 29.05.2026 15:08 Last: 29.05.2026 15:08 Sources 1

About this happening: Google's **Chrome Device Bound Session Credentials (DBSC)** is now **generally available** and rolling out to **all users**, reducing the risk of **account takeovers** from stolen...

Chromium JavaScript background RCE flaw

Vulnerability
H score16 First: 21.05.2026 21:13 Last: 21.05.2026 21:13 Sources 1

About this happening: The unfixed **Chromium** flaw keeps **JavaScript** running after the browser is closed, creating **remote code execution** risk across **Chromium-based browsers**. A malicious sit...

Google expands Gemini AI for malicious ad blocking on Google Ads

Security Tool/Service
H score56 First: 16.04.2026 18:24 Last: 16.04.2026 18:24 Sources 1

About this happening: **Google** expanded **Gemini AI** use across its ad platforms to detect and block **malicious ads** in real time, reducing scam and malvertising exposure at scale. The move matter...

LayerX font-rendering PoC exposes a browser-rendering gap in AI assistant analysis

Technical Analysis
H score25 First: 17.03.2026 15:59 Last: 17.03.2026 15:59 Sources 1

About this happening: A **LayerX** proof-of-concept showed that a **font-rendering attack** can hide malicious webpage commands from AI assistants, creating a risk of **unsafe guidance** when the brows...

Timeline

  1. 08.12.2025 20:08 2 articles · 7mo ago

    Google introduces User Alignment Critic for Chrome agentic browsing

    Initial Disclosure

    Google introduces User Alignment Critic in Chrome to protect Gemini-powered agentic browsing, using an isolated second Gemini model, Origin Sets, user confirmation for sensitive sites and Password Manager sign-ins, and a dedicated classifier for indirect prompt injection. The layered controls are meant to reduce unsafe browser actions, user data exposure, and fraudulent transactions, while automated red-teaming and bounty payments of up to $20,000 are planned to strengthen the system.

    Show sources