A new bug has been found in Chrome that allows a web site to trigger and monitor your microphone without your knowledge. Chrome has accidentally allowed web sites to eavesdrop on your mic before, and this exploit does keeps its actions pretty well hidden.
The trick here basically allows a hacker to turn a site into recording system using an outdated Google speech API that doesn't indicate the microphone is on. It's a pretty convoluted process, but it does show how a site might be able to spy on you. You can get full details over at Guya.net, and see how to keep an eye on your Chrome settings below.