• Home
  • cyber
  • Google: Cyber Security News ®’s Post
cyber Vulnerability

Google: Cyber Security News ®’s Post

May 14, 2026 1 min read
Google: Cyber Security News ®’s Post

New VoidStealer Malware Exploits Chrome’s App-Bound Encryption to Steal User Data

A recently identified malware strain, VoidStealer, is targeting Google Chrome users on Windows, employing a sophisticated method to circumvent one of the browser’s critical security defenses. The malware specifically exploits Chrome’s App-Bound Encryption, a feature introduced by Google to safeguard stored passwords and session cookies from unauthorized access.

Unlike traditional malware that relies on elevated system privileges, VoidStealer operates without requiring admin-level access, making it a particularly stealthy threat. The malware’s ability to bypass Chrome’s encryption layer highlights a growing trend in cybercriminal tactics, where attackers increasingly focus on browser-stored credentials as a high-value target.

The discovery underscores the evolving nature of information-stealing malware, which continues to refine techniques to evade detection and extract sensitive data. While the exact distribution methods remain unclear, the emergence of VoidStealer serves as a reminder of the persistent risks posed by credential theft in modern cyberattacks.

Source: https://www.linkedin.com/feed/update/urn:li:activity:7462504777227190272

Google Chrome cybersecurity rating report: https://www.rankiteo.com/company/google-chrome

"id": "GOO1779200646",
"linkid": "google-chrome",
"type": "Vulnerability",
"date": "5/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'location': 'Global (Windows users)',
                        'name': 'Google Chrome Users',
                        'type': 'Individuals/End Users'}],
 'attack_vector': 'Browser-stored credentials exploitation',
 'data_breach': {'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Passwords', 'Session cookies']},
 'description': 'A recently identified malware strain, VoidStealer, is '
                'targeting Google Chrome users on Windows, employing a '
                'sophisticated method to circumvent Chrome’s App-Bound '
                'Encryption, a feature introduced to safeguard stored '
                'passwords and session cookies. The malware operates without '
                'requiring admin-level access, making it stealthy, and '
                'highlights the evolving tactics of information-stealing '
                'malware.',
 'impact': {'data_compromised': 'Passwords and session cookies',
            'identity_theft_risk': 'High',
            'systems_affected': 'Google Chrome on Windows'},
 'motivation': 'Data theft',
 'post_incident_analysis': {'root_causes': 'Exploitation of Chrome’s App-Bound '
                                           'Encryption'},
 'title': 'VoidStealer Malware Exploits Chrome’s App-Bound Encryption to Steal '
          'User Data',
 'type': 'Malware',
 'vulnerability_exploited': 'Chrome’s App-Bound Encryption'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.