Ptechhub
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs
No Result
View All Result
PtechHub
No Result
View All Result

Google Chrome to Distrust Two Certificate Authorities Over Compliance and Conduct Issues

The Hacker News by The Hacker News
June 3, 2025
Home Cybersecurity
Share on FacebookShare on Twitter


Jun 03, 2025Ravie LakshmananWeb Security / Digital Identity

Google has revealed that it will no longer trust digital certificates issued by Chunghwa Telecom and Netlock citing “patterns of concerning behavior observed over the past year.”

The changes are expected to be introduced in Chrome 139, which is scheduled for public release in early August 2025. The current major version is 137.

The update will affect all Transport Layer Security (TLS) server authentication certificates issued by the two Certificate Authorities (CAs) after July 31, 2025, 11:59:59 p.m. UTC. Certificates issued before that date will not be impacted.

Cybersecurity

Chunghwa Telecom is Taiwan’s largest integrated telecom service provider and Netlock is a Hungarian company that offers digital identity, electronic signature, time stamping, and authentication solutions.

“Over the past several months and years, we have observed a pattern of compliance failures, unmet improvement commitments, and the absence of tangible, measurable progress in response to publicly disclosed incident reports,” Google’s Chrome Root Program and the Chrome Security Team said.

“When these factors are considered in the aggregate and considered against the inherent risk each publicly-trusted CA poses to the internet, continued public trust is no longer justified.”

As a result of this change, Chrome browser users on Windows, macOS, ChromeOS, Android, and Linux who navigate to a site serving a certificate issued by either of the two CAs after July 31, will be served a full-screen security warning.

Website operators who rely on the two CAs are recommended to use the Chrome Certificate Viewer to check the validity of their site’s certificates and transition to a new publicly-trusted CA as soon as “reasonably possible” to avoid any user disruption.

Enterprises, however, can override these Chrome Root Store constraints by installing the corresponding root CA certificate as a locally-trusted root on the platform Chrome is running. It’s worth noting that Apple has distrusted the Root CA Certificate “NetLock Arany (Class Gold) Főtanúsítvány” effective November 15, 2024.

Cybersecurity

The disclosure comes after Google Chrome, Apple, and Mozilla decided to no longer root CA certificates signed by Entrust as of November 2024. Entrust has since sold off its certificate business to Sectigo.

Earlier this March, Google revealed that the CA/Browser Forum adopted Multi-Perspective Issuance Corroboration (MPIC) and Linting as required practices in the Baseline Requirements (BRs) to enhance domain control validation and flag insecure practices in X.509 certificates.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
The Hacker News

The Hacker News

Next Post
Preparing for AI: The CISO’s role in security, ethics and compliance | Computer Weekly

Preparing for AI: The CISO’s role in security, ethics and compliance | Computer Weekly

Recommended.

Xiao-I (AIXI) Responds to “DeepSeek” Developments, Showcases Cost-Effective RL Breakthroughs in Hua Zang LLM, and Announces U.S. Expansion

Xiao-I (AIXI) Responds to “DeepSeek” Developments, Showcases Cost-Effective RL Breakthroughs in Hua Zang LLM, and Announces U.S. Expansion

January 27, 2025
How Arm Is Winning Over AWS, Google, Microsoft And Nvidia In Data Centers

How Arm Is Winning Over AWS, Google, Microsoft And Nvidia In Data Centers

February 13, 2025

Trending.

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

Cloud Market Share Q1 2026: AWS, Microsoft, Google Battling In AI Era

May 4, 2026
Anaconda Extends AI-Native Application Development With Acquisition

Anaconda Extends AI-Native Application Development With Acquisition

May 1, 2026
This Scammer Used an AI-Generated MAGA Girl to Grift ‘Super Dumb’ Men

This Scammer Used an AI-Generated MAGA Girl to Grift ‘Super Dumb’ Men

April 21, 2026
AT&T Vs. Verizon: How The Country’s Biggest Carriers Fared In Q4 2025

AT&T Vs. Verizon: How The Country’s Biggest Carriers Fared In Q4 2025

January 30, 2026
Anthropic’s 5 Huge Hires From OpenAI, Google, Microsoft And xAI In 2026

Anthropic’s 5 Huge Hires From OpenAI, Google, Microsoft And xAI In 2026

July 7, 2026

PTechHub

A tech news platform delivering fresh perspectives, critical insights, and in-depth reporting — beyond the buzz. We cover innovation, policy, and digital culture with clarity, independence, and a sharp editorial edge.

Follow Us

Industries

  • AI & ML
  • Cybersecurity
  • Enterprise IT
  • Finance
  • Telco

Navigation

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Subscribe to Our Newsletter

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Copyright © 2025 | Powered By Porpholio

No Result
View All Result
  • News
  • Industries
    • Enterprise IT
    • AI & ML
    • Cybersecurity
    • Finance
    • Telco
  • Brand Hub
    • Lifesight
  • Blogs

Copyright © 2025 | Powered By Porpholio