Flaw in Grammarly’s extensions opened user accounts to compromise
A vulnerability in the Grammarly Chrome and Firefox extensions allowed websites to read users’ authentication tokes and use to them to log in to the users’ …
add-ons
Another popular Chrome extension hijacked through phishing
Chris Pederick, the creator and maintainer of the Web Developer for Chrome extension, is the latest victim of attackers who hijack popular Chrome add-ons in order to push ads …
Backdoored Firefox extension checks Instagram for C&C info
Turla, an APT cyberespionage group that has been targeting corporations, intelligence and other government agencies for years, is using a malicious Firefox extension to …
LastPass is working on fixing latest code execution bug
It’s been an eventful couple of weeks for LastPass developers, as they’ve scrambled to fix a couple of serious flaws in the popular password manager’s …
LastPass extensions can be made to cough up passwords, deliver malware
LastPass Chrome and Firefox extensions contain flaws that could allow malicious websites to steal victims’ passwords or execute commands on their computer. The flaws …
Ubuntu Forums hacked again, 2 million users exposed
Canonical’s Ubuntu Forums have been hacked, and the attacker has managed to access and download part of the Forums database, containing usernames, email addresses and …
Fake Chrome LastPass extension leads to unwanted installs
A fake LastPass extension has been found lurking on the Chrome Web Store, offering promises of free and easy password management, but instead taking users for a ride involving …
Chrome Web Store developers have to improve user data transparency
Google has announced that it’s modifying the User Data Policy for the Chrome Web Store, and developers have three months to make the needed changes if they don’t …
