THREAT OPS › Threat News › HTTPS by default
HTTPS by default
<p> One year from now, with the release of Chrome 154 in October 2026, we will change the default settings of Chrome to enable “Always Use Secure Connections”. This means Chrome will ask for the user's permission before the first access to any public site without HTTPS. </p>
<div class="separator" style="clear: both;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgXrS0w0j-B4
Attributed threat actors
- Earth LuscaG1006
MITRE ATT&CK techniques
Indicators of compromise
- https://chrome.securityurl
- https://blog.chromium.org/2021/07/increasing-https-adoption.htmlurl
- https://blog.chromium.org/2023/08/towards-https-by-default.htmlurl
- https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_contenturl
- https://developer.chrome.com/blog/local-network-accessurl
- https://chromium.googlesource.com/chromium/src/+/main/docs/security/ask-before-http/ask-before-http-adoption-guide.mdurl
- blogger.googleusercontent.comdomain
Original source: http://security.googleblog.com/2025/10/https-by-default.html