Signal
Google Chrome 146 introduces device-bound session credentials to combat cookie theft
Evidence first: scan the strongest sources, then decide whether to go deeper.
Published 2026-04-10 07:50 UTCUpdated 2026-04-10 20:23 UTC
rss
security_toolingincident_responsesecurity_policy
Source links open
Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.
No card needed for the free brief.
Evidence trail (top sources)
top sources (4 domains)domains are deduped. counts indicate coverage, not truth.4 top sources shown
Overview
Google has launched Device Bound Session Credentials (DBSC) in Chrome 146 for Windows users to prevent session cookie theft by infostealer malware.
Score total
1.62
Momentum 24h
5
Posts
5
Origins
5
Source types
1
Duplicate ratio
0%
Why now
- Google has just made DBSC generally available in Chrome 146 for Windows users.
- Infostealer malware remains a prevalent threat targeting session cookies.
- Expansion to macOS is planned, indicating broader future protection coverage.
Why it matters
- Cookie theft enables attackers to hijack accounts without passwords, posing a major security risk.
- DBSC prevents stolen session cookies from being reused on other devices, reducing account compromise.
- This hardware-bound protection enhances browser security against infostealer malware.
LLM analysis
Topic mix: lowPromo risk: lowSource quality: high
Recurring claims
- Device Bound Session Credentials (DBSC) cryptographically bind session cookies to the user's device hardware, preventing stolen cookies from being reused on other devices.
- DBSC is currently available for Windows users in Chrome 146, with macOS support planned in a future release.
How sources frame it
- Help Net Security: neutral
This briefing highlights Google's new hardware-bound session cookie protection in Chrome 146, a significant step to mitigate infostealer malware risks.
All evidence
All evidence
Chrome 146 introduces device bound session credentials to combat info-stealing malware
SC Media · scworld.com · 2026-04-10 20:23 UTC
Google Chrome Rolls Out Protection Against Infostealers Targeting Session Cookies
Infosecurity Magazine · infosecurity-magazine.com · 2026-04-10 11:25 UTC
To counter cookie theft, Chrome ships device-bound session credentials
Help Net Security · helpnetsecurity.com · 2026-04-10 09:21 UTC
Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows
thehackernews · thehackernews.com · 2026-04-10 07:58 UTC
Google Rolls Out Cookie Theft Protections in Chrome
SecurityWeek · securityweek.com · 2026-04-10 07:50 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 5Origin domains: 5Duplicates: -
Showing 5 / 0
Top publishers (this list)
- SC Media (1)
- Infosecurity Magazine (1)
- Help Net Security (1)
- thehackernews (1)
- SecurityWeek (1)
Top origin domains (this list)
- scworld.com (1)
- infosecurity-magazine.com (1)
- helpnetsecurity.com (1)
- thehackernews.com (1)
- securityweek.com (1)