#browser-extensions

[ follow ]
#javascript #cookies #bot-detection #access-troubleshooting #malware #affiliate-fraud #remote-code-execution
#bot-detection
more#bot-detection
fromSecurityWeek
1 day ago

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

The tools were designed to intercept users' ChatGPT session authentication tokens and send them to a remote server, but they don't exploit ChatGPT vulnerabilities to do so. Instead, they inject a content script into chatgpt.com and execute it in the MAIN JavaScript world. The script monitors outbound requests initialized by the web application, to identify and extract authorization headers and send them to a second content script, which exfiltrates them to the remote server.
Information security
Digital life
fromFast Company
3 days ago

5 Chrome dashboard extensions to make your start page more useful

The Chrome New Tab page can be transformed from an empty white void into a useful command center using extensions like Momentum and Bonjourr.
Privacy technologies
fromMUO
5 days ago

This tiny Chrome extension fights fingerprinting without breaking sites

A fingerprint-spoofer browser extension can anonymize browser fingerprint data to reduce uniqueness and help users blend into common profiles for improved privacy.
#google-search
more#google-search
Privacy technologies
fromZacks
2 weeks ago

Pardon Our Interruption

Browser settings (disabled JavaScript, disabled cookies, rapid navigation, or privacy plugins) can trigger anti-bot detection and block access; enable JavaScript and cookies to regain access.
#malware
more#malware
#javascript
more#javascript
fromTechzine Global
1 month ago

AI conversations of 8 million users leaked via browser extensions

Browser extensions that promise privacy are found to be selling AI conversations from millions of users. Security researchers at Koi Security discovered that popular VPN and ad blocker extensions are secretly intercepting all conversations with ChatGPT, Claude, and Gemini and reselling them to data brokers. Security researcher Idan Dardikman discovered the problem after wondering if anyone could read his private conversations with AI assistants.
Information security
Privacy technologies
fromArs Technica
1 month ago

Browser extensions with 8 million users collect extended AI conversations

Popular Chromium extensions intercept and transmit users' full AI-chat conversations to third-party endpoints for marketing and data-broker use.
Privacy technologies
fromTheregister
1 month ago

Chrome, Edge privacy extensions quietly snarf AI chats

Four popular browser extensions covertly harvested chatbot conversation text from over eight million users by injecting scripts that intercept and exfiltrate AI chat data.
Information security
fromTheregister
1 month ago

Browser extensions pushed malware to 4.3M Chrome, Edge users

A seven-year campaign used trusted Chrome and Edge extensions to deploy backdoors and spyware to 4.3 million users, exfiltrating data to servers in China.
Information security
fromThe Hacker News
1 month ago

ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware

ShadyPanda operated a seven-year browser extension campaign that amassed over 4.3 million installs and escalated to remote code execution, data exfiltration, and affiliate fraud.
[ Load more ]