https://winbuzzer.com/2026/03/07/google-safe-browsing-missed-84-percent-phishing-sites-xcxwbn/

Google Safe Browsing Missed 84% of Phishing Sites

#Google #GoogleChrome #GoogleSafeBrowsing #WebBrowsers #PhishingAttacks #Cybersecurity #Cybercrime #Hackers #Malware #ThreatIntelligence #SecurityResearch #SecurityThreats #SecurityFlaws

Guys. 😄 After I tried switching from Brave/Firefox browsers to Chrome (Google's browser), Google (Safe Browsing) labeled my sites as unsafe with a big red page. 😄 They said that to remove the warning, I need to add their TXT records to the DNS records of my domain names I rent, such as `kalvin.my` and `lamin.my`. 😄 The purpose of this is to verify my domain ownership. 😄☀️ I think I will do this only if I find that the domain name reflects or has the same vibe as myself.

#WebBrowsers #GoogleSafeBrowsing #DomainVerification #DigitalIdentity #TechChallenges #OnlineSecurity #InternetPrivacy #WebTech #DomainOwnership #CyberSecurity #TechHumor #BrowserWars #GoogleChrome #InternetExperience #DigitalLife

Why does #GoogleSafeBrowsing block www.referata.com? It's not malware, it's just down. I miss #Wikipapers. :(

For context, http://wikipapers.referata.com/wiki/List_of_publications was flagged as malicious on a friend's Google presentation and the entire presentation was deemed a ToS violation (?).

#referata #SMW

I'm impressed, I reported a phishing page to Google ( https://safebrowsing.google.com/safebrowsing/report_phish/ ) and roughly 30 minutes later all of the phishing domains tied to that campaign were flagged as malicious according to Google Safe browsing
(ignore the Vt totals in the screenshot it's old)

I want to think this isn't coincidence because I got a spam for the same thing tax-return-spam yesterday so it had been up for 24h+ and still wasn't flagged.

Feels like the good deed of the day is done.

#GoogleSafeBrowsing

@mconley
Now we just need them to stop sending things to Google via "#GoogleSafeBrowsing" and other telemetry.

Or get them to publicly endorse the #DigitalFeudalismCounteraAction setup that blocks the plutocrats at the network level. 😄

If they are seriously using #MSGitHub at Mozilla, then really what hope is there?

Comme nous le 18 février, rubygems.org a été complétement bloqué ce 11 mai par Google Safe Browsing

cf. historique de la page de statuts de rubygems.org :

https://status.rubygems.org/

#googlesafebrowsing

New Supply Chain Attack Vector just dropped: falsely report a single package on a package repository website as being malicious to the Google Safe Browsing List, and they will block the entire freaking domain! Chrome, Firefox, and Brave, all use the Google Safe Browsing API to warn users if they're about to visit a malicious domain, and make it difficult to override. Lots of other websites/services also use the Google Safe Browsing List/API to filter links, such as Reddit, Blogger, and Google Workplaces / GMail.

This literally just happened today to the metasploit-payloads gem (last version released on May 8th, 2023) on https://rubygems.org and took several hours to resolve. During which time, users got a giant red warning screen when visiting rubygems.org, new Reddit comments linking to rubygems.org got auto-removed, Blogger automatically flagged/removed old blog posts that contained rubygems.org links, the Ruby Weekly newsletter got flagged by Google Workplaces as containing malware because it linked back to rubygems.org, and a few people on Twitter reported DNS issues with their CI server because they were using Google Safe Browsing List to filter DNS domains.

Now imagine if someone falsely reported pwntools on PyPi to the Google Safe Browsing List? Imagine how much disruption that would cause to the Python ecosystem if suddenly https://pypi.org started getting flagged as malicious by the Google Safe Browsing List? Imagine the confusion and frustration when people's Reddit comments and Blogger posts started getting auto-removed?

Yeah, maybe Google should add a new policy for handling abuse reports about packages on package repository websites, like not flagging the entire domain, or better yet forward the abuse reports to the website's admins and let them review the package in question.

#supplychain #supplychainsecurity #googlesafebrowsing #rubygems #pypi #npm #cratesio