I’ll admit, I was surprised to learn that Google Chrome still doesn’t warn users before opening HTTP sites. As a Safari user, I’ve been seeing these warnings for years. What’s even more surprising is that Chrome won’t implement this change until October 2026 with the release of Chrome 154. That’s a long wait for a feature that feels like table stakes in 2025.

It’s never good when the very software you rely on to patch vulnerabilities ends up with a critical vulnerability of its own. That’s exactly what’s happening with Windows Server Update Services (WSUS), which has been found to contain a remote code execution (RCE) flaw now under active exploitation.

OpenAI has unveiled ChatGPT Atlas, described as “the browser with ChatGPT built in.” It’s part of a growing wave of AI‑powered browsers promising to transform how we search, browse, and interact with the web. Instead of just displaying pages, Atlas can summarize content, automate tasks, and even act as an assistant that remembers context across sessions.

But with this new power comes new risk. Security experts are already sounding alarms about the vulnerabilities AI browsers introduce — and why users should think twice before handing over their data.

Sometimes security fixes feel like rocket science. Other times, they’re just common sense. Microsoft’s latest change falls squarely into the latter category — and it’s a welcome one.

With this month’s Patch Tuesday updates, Windows now disables File Explorer’s preview pane for files downloaded from the internet. If you’ve already patched, this protection is live for you today (you did patch, right?).

The foundation of many online stores is cracking. A critical vulnerability in Adobe Commerce and Magento Open Source, tracked as CVE‑2025‑54236 and nicknamed SessionReaper, is now under active attack. In just one day, researchers observed 250+ exploitation attempts targeting multiple e‑commerce sites.