The developers at Brave Software announced that their browser will now block the Windows Recall functionality by default. This ensures that Windows cannot take screenshots of Brave windows, maintaining the privacy of users.
The AI function Recall was first introduced in May 2024. It is designed to help “remember” any information that the user has viewed in the past, making it accessible through a simple search. Recall takes a snapshot of any active window on the screen every few seconds, recording everything happening in Windows, whether it’s browsing websites in a browser, chatting in a messenger, or working with other applications.
After the announcement, Recall faced harsh criticism from cybersecurity experts and privacy advocates. Specialists compared the feature to a keylogger and demonstrated that it could be used for data theft.
In response to criticism, Microsoft has postponed the launch of Recall and announced that it will provide additional security by making the feature optional and encrypting the database so that it is inaccessible until the user authenticates via Windows Hello.
In December 2024, Recall became available again to participants in the Windows Insiders program, but users once again discovered issues and criticized the company: it turned out that Recall saves credit card numbers, social security numbers, and other confidential information, even if it is prohibited.
In the spring of 2025, Microsoft began rolling out Windows Recall to all users who installed the Windows 11 update KB5055627 on Copilot+ PCs. Shortly thereafter, the feature became available to anyone who installed the May updates.
The developers of Brave have now announced that they have decided to proactively add a feature to their browser that will prevent Recall from capturing the content of windows.
“Given that Brave places a strong emphasis on default settings that ensure maximum privacy, and what is at stake (your entire browsing history), we have preemptively disabled Recall for all Brave tabs,” the company states. “We believe it is important that your activity in the Brave browser does not accidentally end up in a permanent database, which can be particularly susceptible to misuse in sensitive situations (for example, in cases of partner abuse).”
On GitHub, the developers of Brave explain that they used Microsoft’s SetInputScope API and set the value to IS_PRIVATE for all browser windows. This informs Windows that the content of the windows should not be captured or indexed by Recall.
“Microsoft claims that a web browser can use SetInputScope to set the scope to the IS_PRIVATE value, so that Recall does not save the user’s browsing history. We can forcibly set this value for all windows in the renderer_widget_host_view,” the company says.
The innovation has already been implemented in Brave Nightly builds and is expected to roll out to stable releases in the coming weeks.
Recall that in May of this year, the developers of the Signal messenger made a similar decision and also blocked the Recall functionality by default, stating that Microsoft simply left them no other choice.
2025.03.18 — Black Basta ransomware group developed its own automated brute-forcing framework
According to EclecticIQ, Black Basta Ransomware-as-a-Service (RaaS) group has developed its own automated brute-forcing framework dubbed BRUTED. It's used to hack edge network devices…
Full article →
2025.04.07 — Critical RCE vulnerability discovered in Apache Parquet
All versions of Apache Parquet up to and including 1.15.0 are affected by a critical remote code execution (RCE) vulnerability whose CVSS score is 10 out…
Full article →
2025.02.17 — Dutch police seize 127 servers belonging to Zservers hosting provider
Following the introduction of international sanctions against Zservers, Russian 'bulletproof' hosting services provider, the Dutch National Police (Politie) shut down and seized 127 servers belonging to Zservers/XHost.…
Full article →
2025.01.30 — Hackers use vulnerabilities in SimpleHelp RMM to attack corporate networks
Experts believe that recently patched vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM) were used by attackers to gain initial access to corporate networks. A number…
Full article →
2025.04.01 — Hackers abuse MU plugins to inject malicious payloads to WordPress
According to Sucuri, hackers store malicious code in the MU-plugins (Must-Use Plugins) directory in WordPress and execute it while remaining undetected. The technique was first discovered…
Full article →
2025.01.26 — Cisco patched a critical vulnerability in Meeting Management
Cisco released updates to fix a critical (CVSS score: 9.9) vulnerability in Meeting Management. The bug enables an unprivileged remote authenticated attacker to gain administrative privileges. The vulnerability…
Full article →
2025.02.03 — PyPI introduces a project archival system to combat malicious updates
The Python Package Index (PyPI) introduces a new project archival system: a project can now be archived to notify users that it's not expected to be updated…
Full article →
2025.01.29 — Google to disable Sync in older Chrome versions
Google announced that in early 2025, Chrome Sync will be disabled in Chrome versions older than four years. Chrome Sync enables users to save and sync their…
Full article →
2025.03.20 — 8,000 vulnerabilities identified in WordPress ecosystem in 2024
According to Patchstack, world's #1 WordPress vulnerability intelligence provider, 7,966 new vulnerabilities were identified in the WordPress ecosystem in 2024; most of these bugs affected plugins…
Full article →
2025.01.27 — Zyxel firewalls reboot due to flawed update
Zyxel warned its customers that a recent signature update may cause critical errors in USG FLEX and ATP series firewalls. As a result, devices go into…
Full article →