#browser-extensions

[ follow ]
#javascript #cookies #bot-detection #browser-settings #malware #data-protection #google-search #ai-agent-security
Information security
fromSecurityWeek
5 days ago

Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover

ClaudeBleed lets malicious extensions or scripts send privileged commands to Claude in Chrome, enabling remote prompt injection and bypassing user-confirmation protections.
Information security
fromTechRepublic
3 weeks ago

Malicious TikTok Downloader Extensions Quietly Compromised 130K Users

Browser extensions disguised as TikTok video downloaders are compromising user data, highlighting vulnerabilities in enterprise security.
Information security
fromThe Hacker News
1 month ago

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

AI browser extensions pose significant security risks, often overlooked, with vulnerabilities and access that can compromise enterprise networks.
Privacy technologies
fromZDNET
1 month ago

This free privacy tool makes it super easy to see which sites are selling your data

Global Privacy Control is a 2020 movement offering browser extensions and tools to help users opt out of data selling by automatically signaling their privacy preferences to websites.
Privacy professionals
fromTheregister
2 months ago

Chatbot data harvesting yields sensitive personal info

Data brokers sell access to sensitive personal information from chatbot conversations captured through browser extensions, despite claims of anonymization and consent.
#bot-detection
more#bot-detection
#javascript
more#javascript
Privacy technologies
fromComputerworld
2 months ago

Leaky Chrome extensions with 37M installs caught divulging your browsing history

Browser extension data collection can expose internal URLs and cookies, enabling corporate espionage and credential harvesting of active web sessions.
Privacy professionals
fromZacks
2 months ago

Pardon Our Interruption

Browser settings, rapid navigation, or extensions that block JavaScript or cookies can trigger anti-bot protections and block access until cookies and JavaScript are enabled.
fromZDNET
3 months ago

Half of Chrome's AI extensions are harvesting your data - see the surprising worst offenders

AI is only increasing that threat, especially when it comes to tracking user data -- and some of your most commonly used apps are doing a lot of the scraping. New research from data removal service Incogni finds that more than half of a sample set of AI Chrome extensions collect user data. Almost a third are "gathering personally identifiable information (PII)."
Privacy technologies
Information security
fromTechRepublic
3 months ago

Chrome Add-On Caught Stealing Amazon Commissions

Amazon Ads Blocker hijacks Amazon affiliate links, replacing creators' tags with developer tag 10xprofit-20 to redirect commissions while appearing to block sponsored ads.
fromSearch Engine Roundtable
3 months ago

Google Says Don't Spend Too Much Time On Redirects Analysis For SEO

There are a bunch of browser extensions that do this already (eg Redirect Path from Ayima is one I see a lot in screenshots, and CSP is very different from redirects, so I don't understand the connection). I don't recall a time when I ran into something like this causing SEO issues which weren't also visible to average users in their browsers.
Web development
Privacy technologies
fromZacks
3 months ago

Pardon Our Interruption

Access blocked for bot-like behavior; enable JavaScript and cookies and disable extensions that block scripts, or slow automated navigation to regain access.
Television
fromZDNET
3 months ago

21 secret Netflix settings I use to instantly upgrade my streaming experience

Netflix includes hidden settings, numeric genre codes, and browser extensions that unlock more content, discovery, and customization options.
fromSecurityWeek
3 months ago

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

The tools were designed to intercept users' ChatGPT session authentication tokens and send them to a remote server, but they don't exploit ChatGPT vulnerabilities to do so. Instead, they inject a content script into chatgpt.com and execute it in the MAIN JavaScript world. The script monitors outbound requests initialized by the web application, to identify and extract authorization headers and send them to a second content script, which exfiltrates them to the remote server.
Information security
Digital life
fromFast Company
3 months ago

5 Chrome dashboard extensions to make your start page more useful

The Chrome New Tab page can be transformed from an empty white void into a useful command center using extensions like Momentum and Bonjourr.
Privacy technologies
fromMUO
3 months ago

This tiny Chrome extension fights fingerprinting without breaking sites

A fingerprint-spoofer browser extension can anonymize browser fingerprint data to reduce uniqueness and help users blend into common profiles for improved privacy.
#google-search
more#google-search
Privacy technologies
fromZacks
4 months ago

Pardon Our Interruption

Browser settings (disabled JavaScript, disabled cookies, rapid navigation, or privacy plugins) can trigger anti-bot detection and block access; enable JavaScript and cookies to regain access.
Information security
fromThe Hacker News
4 months ago

DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide

A Chinese-linked actor called DarkSpectre used malicious browser extensions across Chrome, Edge, Firefox, and Opera to compromise approximately 8.8 million users via three campaigns.
[ Load more ]