Head Topics

Arc Browser adds security bulletins and bug bounties

United States News News

Arc Browser adds security bulletins and bug bounties
United States Latest News,United States Headlines
  • 📰 verge
  • ⏱ Reading Time:
  • 22 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 12%
  • Publisher: 67%

The Browser Company has started a bug bounty program in response to a “catastrophic” vulnerability recently found in the Chromium-based Arc browser.

Arc creator The Browser Company has officially started a bug bounty program to keep its growing Chromium-based browser’s security in check. The company is also launching a new security bulletin to maintain “transparent and proactive communication” with users and researchers on bug fixes and reports.

On top of its initial mitigations, the company says it now has disabled Boosts with Javascript by default and added a new global toggle to turn Boosts off completely in Arc version 1.61.2. The researcher, known as xyz3va, was initially paid a $2,000 bounty for the information. Now, with the new program in place, The Browser Company is upping it to $20,000 retroactively. The vulnerability was patched on August 26th.

We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

verge /  🏆 94. in US

United States Latest News, United States Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

Building A Browser OS: The Vergecast's Decoder Interviews The Browser Company's CEOBuilding A Browser OS: The Vergecast's Decoder Interviews The Browser Company's CEONilay Patel of The Verge interviews Josh Miller, cofounder and CEO of The Browser Company, the maker of the Arc browser. They discuss Arc’s ambition to be an operating system for the web, its AI-powered features, and its place in the evolving landscape of search engines and content creation.
Read more »

Researcher reveals ‘catastrophic’ security flaw in the Arc browserResearcher reveals ‘catastrophic’ security flaw in the Arc browserCVE-2024-45489 was patched in late August but would have allowed attackers to upload arbitrary code to victims with just a user ID.
Read more »

The Arc browser that lets you customize websites had a serious vulnerabilityThe Arc browser that lets you customize websites had a serious vulnerabilityMariella Moon has been a night editor for Engadget since 2013, covering everything from consumer technology and video games to strange little robots that could operate on the human body from the inside one day. She has a special affinity for space, its technologies and its mysteries, though, and has interviewed astronauts for Engadget.
Read more »

Critical Vulnerability in Arc Browser Allowed Code InjectionCritical Vulnerability in Arc Browser Allowed Code InjectionA security researcher has uncovered a severe vulnerability in the Arc browser that could have enabled attackers to execute arbitrary code within other users' browsing sessions. The flaw, patched on August 26th, stemmed from a misconfiguration in the browser's use of Firebase for storing user data, including custom website customizations known as 'Boosts'. The researcher, xyz3va, disclosed the vulnerability and The Browser Company confirmed the issue and stated that their logs show no evidence of user exploitation.
Read more »

Baz Luhrmann's Next Movie Announced As A Historical Biopic After The Success Of ElvisBaz Luhrmann's Next Movie Announced As A Historical Biopic After The Success Of ElvisJoan of Arc in the The Passion of Joan of Arc
Read more »

Arc creator Josh Miller on why you should stop using Google ChromeArc creator Josh Miller on why you should stop using Google ChromeThe Browser Company cofounder Josh Miller on AI search and competing with Google.
Read more »



Render Time: 2025-02-19 19:17:54