Tag: Malicious Extensions

Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions
News

Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions

A security vulnerability in the Microsoft Edge web browser that has since been fixed might have been leveraged to install malicious extensions and perform other nefarious tasks on users' computers. According to security researcher Oleg Zaytsev of Guardio Labs, this vulnerability may have given an attacker the ability to install more browser extensions with extensive permissions without the user's knowledge by using a private API that was first meant for marketing purposes. Following responsible disclosure in November 2023, Microsoft fixed the issue in Edge stable version 121.0.2277.83, which was released on January 25, 2024. The issue is tracked as CVE-2024-21388 (CVSS score: 6.5). The creator of Windows gave Zaytsev and Jun Kokatsu credit for bringing up the problem. Microsoft n...
Google Chrome’s New Feature Alerts Users About Auto Removal of Malicious Extensions
News

Google Chrome’s New Feature Alerts Users About Auto Removal of Malicious Extensions

In the forthcoming release of its Chrome web browser, Google has revealed plans to include a new feature that will notify users when an extension they have installed has been taken down from the Chrome Web Store. Users can receive notifications when an add-on has been delisted by a developer, taken down due to a violation of Chrome Web Store guidelines, or identified as malicious software thanks to the functionality, which will debut alongside Chrome 117. The tech behemoth announced that it would highlight such extensions under a "Safety check" section in the browser settings page's "Privacy and security" subsection read more Google Chrome's New Feature Alerts Users About Auto Removal of Malicious Extensions. Stay informed with the best cybersecurity news and raise your cybersecu...