VMVirtualMachine.com

Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows

By The Hacker News
Publication Date: 2026-04-10 07:58:00

Ravie LakshmananApr 10, 2026Malware / Browser Security

Google has made Device Bound Session Credentials (DBSC) generally available to all Windows users of its Chrome web browser, months after it began testing the security feature in open beta.

The public availability is currently limited to Windows users on Chrome 146, with macOS expansion planned in an upcoming Chrome release.

“This project represents a significant step forward in our ongoing efforts to combat session theft, which remains a prevalent threat in the modern security landscape,” Google’s Chrome and Account Security teams said in a Thursday post.

Session theft involves the covert exfiltration of session cookies from the web browser, either by gathering existing ones or waiting for a victim to log in to an account, to an attacker-controlled server.

Cybersecurity

Typically, this happens when users inadvertently download information-stealing malware into their systems. These stealer malware families – of which there…

Exit mobile version