Millions of Enterprises at Risk: SquareX Shows How Malicious Extensions Bypass Google's MV3 Restrictions - DevOps.com

Millions of Enterprises at Risk: SquareX Shows How Malicious Extensions Bypass Google's MV3 Restrictions - DevOps.com

Briefly

SquareX's presentation highlighted the alarming ability of malicious browser extensions built on Manifest V3 to steal sensitive data like video streams and site cookies without special permissions.

DevOps.comhttps://devops.com/millions-of-enterprises-at-risk-squarex-shows-how-malicious-extensions-bypass-googles-mv3-restrictions/

The research revealed that rogue extensions can manipulate user actions, such as adding collaborators to private GitHub repositories, without detection, showcasing a severe security vulnerability.

DevOps.comhttps://devops.com/millions-of-enterprises-at-risk-squarex-shows-how-malicious-extensions-bypass-googles-mv3-restrictions/

SquareX's findings emphasize that even with MV3's security updates, malicious extensions continue to exploit loopholes, putting users at enormous risk.

DevOps.comhttps://devops.com/millions-of-enterprises-at-risk-squarex-shows-how-malicious-extensions-bypass-googles-mv3-restrictions/

The scale of the problem is significant; a Stanford report suggests 280 million malicious Chrome extensions were installed recently, indicating a critical need for enhanced security measures.

DevOps.comhttps://devops.com/millions-of-enterprises-at-risk-squarex-shows-how-malicious-extensions-bypass-googles-mv3-restrictions/