CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Zscaler Acquires SquareX to Enhance Browser Security

First reported
Last updated
2 unique sources, 2 articles

Summary

Hide ▲

Zscaler has acquired SquareX, a browser security firm, to integrate its Browser Detection and Response (BDR) solution into its Zero Trust Exchange platform. The acquisition aims to extend security to unmanaged devices, allowing organizations to secure users within their preferred browsers like Google Chrome and Microsoft Edge without needing a full agent or a separate enterprise browser. The deal closed on February 5, 2026, and is part of Zscaler's strategy to enhance its security capabilities. SquareX's technology provides real-time threat detection and response directly within the browser, addressing threats like malicious extensions, phishing, and data leakage. Zscaler plans to complete the integration within the next few months, anticipating rapid demand despite SquareX's relatively small installed base.

Timeline

  1. 13.02.2026 23:58 1 articles · 23h ago

    SquareX's Browser Extension Enhances Security Visibility

    SquareX's browser extension gives security teams deep, actionable visibility while remaining virtually invisible to users. It addresses the gap in security within the browser environment, providing real-time threat detection and response directly within the browser.

    Show sources
    Open in new tab
  2. 06.02.2026 04:48 2 articles · 8d ago

    Zscaler Acquires SquareX to Enhance Browser Security

    Zscaler has acquired SquareX, a browser security firm, to integrate its Browser Detection and Response (BDR) solution into its Zero Trust Exchange platform. The acquisition aims to extend security to unmanaged devices, allowing organizations to secure users within their preferred browsers like Google Chrome and Microsoft Edge without needing a full agent or a separate enterprise browser. The deal closed on February 5, 2026. SquareX's technology provides real-time threat detection and response directly within the browser, addressing threats like malicious extensions, phishing, and data leakage. Zscaler plans to complete the integration within the next few months, anticipating rapid demand despite SquareX's relatively small installed base.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Browser Attacks Evasion of Traditional Security Measures

Modern enterprise work heavily relies on browsers for accessing SaaS applications, identity providers, and AI tools. However, traditional security architectures focus on endpoints, networks, and email, leaving a significant visibility gap in browser activities. This gap allows a class of browser-only attacks to evade detection and investigation, posing a growing challenge for security teams. In 2026, browser attacks continue to leave little traditional evidence, making them difficult to detect and mitigate. These attacks include clickfix and UI-driven social engineering, malicious extensions, man-in-the-browser attacks, and HTML smuggling. Each of these attack types exploits the lack of visibility into browser activities, making them hard to prevent and investigate. The gap in browser-level observability is widening due to the increasing use of AI tools and AI-native browsers, which normalize actions like copying, pasting, and uploading sensitive information. This makes it even more challenging for security teams to evaluate risks and set effective controls.

Open in new tab

Modern web browsers as primary attack surface in enterprise infrastructure

Modern web browsers have become critical components of enterprise infrastructure, but also a primary attack surface for identity-based intrusions, SaaS abuse, and session hijacking. On September 29th at 12:00 PM ET, a webinar will be held to discuss the evolving threat landscape targeting corporate browsers and how attackers compromise accounts, steal data, and bypass traditional defenses. The webinar will focus on real-time detection and response platforms to mitigate these risks. The webinar, titled "Your Browser Is the Breach: Securing the Modern Web Edge", will be co-hosted by BleepingComputer and SC Media, with experts from Push Security. The event aims to educate security professionals on the tactics used by attackers, such as malicious extensions, session token theft, and OAuth abuse, and provide strategies to detect and defend against these threats.

Open in new tab

Increased Focus on Browser Security Due to Rising Threats

The browser has become a prime target for attackers due to its central role in modern work environments. Attacks exploit vulnerabilities, malicious extensions, and session hijacking to steal sensitive data. The Snowflake breach highlighted the risks, prompting discussions on whether the browser is the new endpoint. Experts emphasize the need for stronger browser security measures to mitigate these threats. The Snowflake attack, which used stolen credentials, underscored the vulnerability of browsers. This incident, along with others like those by Scattered Spider and ShinyHunters, has led to increased awareness of browser security risks. Experts suggest that enterprises should treat the browser as a secure agent and integrate browser security with network and endpoint protections. Attacks on browsers often avoid malware, making detection difficult. Security measures should minimize user friction and integrate browser, network, and endpoint security for comprehensive threat prevention.

Open in new tab

Scattered Spider's Browser-Based Attacks and Mitigation Strategies

Scattered Spider, also known as UNC3944, Octo Tempest, or Muddled Libra, has evolved to target browser environments, exploiting vulnerabilities in web applications accessed via Chrome, Edge, Firefox, and other browsers. This group focuses on stealing sensitive data such as credentials, session tokens, and security tokens. Over 80% of security incidents now originate from these web applications, making browser security a critical concern for enterprises. Scattered Spider employs sophisticated techniques like Browser-in-the-Browser overlays, session token theft, and malicious extensions to evade traditional security tools. To counter these threats, CISOs must implement multi-layered browser security strategies, including runtime script protection, session integrity, extension governance, and browser telemetry integration.

Open in new tab

Google Chrome Enterprise Premium Enhances Browser Security for Hybrid Work Environments

Google's Mark Berschadski discussed how Chrome Enterprise is evolving to address the complex security challenges of today's rapidly changing business landscape at the "There's No Place Like Chrome" event. The traditional workplace perimeter has dissolved, leading organizations to pivot to browser-based security to enable work from any device, anywhere. Chrome Enterprise Premium supports zero trust security principles through identity verification, device posture assessment, and continuous verification. It allows organizations to implement granular security policies while maintaining a seamless user experience, making it essential for securing hybrid work environments. Kemmerer and Hudziak addressed common misconceptions about browser security, noting that traditional solutions like VPNs and firewalls often fail in BYOD scenarios. Chrome's extensive telemetry and security features, including Safe Browsing and advanced malware sandboxing, provide IT and security teams with the tools needed to monitor and mitigate risks effectively. The threat landscape is evolving with attackers increasingly targeting human vulnerabilities through social engineering rather than technical exploits. Google Safe Browsing alerts users if they click on a site known or suspected to be involved in nefarious activities, and administrators can prevent access to such sites. Chrome Enterprise and Chrome OS enable security controls at the browser level, allowing for verification of device status, user identity, access rights, and data handling. Chrome Enterprise includes Data Loss Protection (DLP) controls that manage file downloads, printing, and uploads to safeguard intellectual property. It supports secure interactions for third-party contractors and BYOD environments. Google is integrating productivity-enhancing AI capabilities like Gemini into Chrome for enterprise customers later this year, transforming the browser into a secure, productive workspace with customizable controls that adapt to changing organizational needs while effectively managing risk.

Open in new tab