browser extension
GlassWorm attack installs fake browser extension for surveillance
It hides inside developer tools, then monitors activity and steals data, turning a single infection into a wider risk across the supply chain ...
Architectural Limitations in Chrome Browser DevTools in Debugging Malicious Extensions
The past few years have witnessed a surge in malicious browser extensions, including the Geco Colorpick, Cyberhaven and the Great Suspender. These malicious extensions exfiltrate data, steal session cookies, spread spyware and ...
Polymorphic Extensions: The Sneaky Extension That Can Impersonate Any Browser Extension
Imagine that your AI transcriber tool shapeshifts into your password manager, then your crypto wallet and finally into your banking app — all without your knowledge. This is exactly what polymorphic extensions can do ...
Browser Extensions: The Infostealers Nobody is Watching Out For
Extension-Based Infostealers and How to Stop ThemInfostealers have become a critical security threat, capable of exfiltrating valuable data including credentials, intellectual property, personal information, and financial records. Currently, two primary categories are well-documented: ...
OAuth Identity Attack — Are your Extensions Affected?
OAuth Identity Attack — Are your Extensions Affected?A malicious variant of Cyberhaven’s browser extension (v24.10.4) was uploaded to the Chrome Store on Christmas Day. According to Cyberhaven, this compromised version can allow “sensitive information, ...
“May I please access your data?” Browser Extension Seeks Risky Permissions!
Manage the browser extensions used by your employees by restricting the permissions they can seekBrowser extensions have significantly evolved since their introduction in 1999. Ranging from dark mode readers, to password managers and ...
Google Hates Ad Blockers: Manifest V3 Push Starts Today
We warned you. As of June 3, Google is following through on its threat to kill ad blockers. Privacy-focused Chrome extensions are living on borrowed time; developers must upgrade to the less ...
Spin.AI: Browser Extensions Bring High Security Risks
Software-as-a-service (SaaS) applications have become foundational to enterprises that use them to drive productivity, improve the customer experience, and connect an increasingly distributed workforce. That said, the software also increases security risks ...
Google Nukes Ad-Blockers—Manifest V3 is Coming
Makers of ad-blocker and anti-tracking browser extensions are spitting blood over Google’s Manifest V3—EFF calls it a “conflict of interest.” ...
49 crypto-wallet pickpocketing browser extensions booted from the Chrome web store
Hackers have been using Google Ads to target unsuspecting cryptocurrency investors into installing malicious browser extensions, with the aim of stealing passphrases and private keys and draining funds from their wallets. Harry ...
