mastodon.uno is one of the many independent Mastodon servers you can use to take part in the fediverse.
Mastodon.Uno is the main Italian Mastodon community. With 77,000 registered users it is the largest Italian Mastodon node: environmentalist at heart, supporting privacy and the open-source world.


#browsersecurity


In other news, I'm speaking at #Authcon, a new CIAM-focused event happening inside APIDays NYC from May 14 to 15.

I'll be talking about how browsers have become gatekeepers for login and what that means for authentication, identity, and even payments.

It’s not all FUD, either! There are real opportunities here, if you’re paying attention.

Reg link + special code in the thread. It doesn’t unlock a discount, but it does prove I'm a helpful human.

Hey folks,

Just stumbled upon some interesting stuff regarding browser security. It's pretty wild how many attacks are actually funneled through browsers nowadays. 🤯 The real kicker? A lot of companies seem to have a massive blind spot when it comes to this.

Sure, having a firewall and antivirus is crucial, that's standard stuff. But what about the jungle of browser extensions everyone's using? Seriously, who's keeping tabs on those? And then there's phishing – that tricky Google Docs phishing scheme is definitely the new headache on the block! 🎣

Many seem to believe DLP solves everything. Truth is, attackers have gotten much savvier; they're finding clever ways to bypass those controls. Speaking as a pentester, unfortunately, I see this scenario play out constantly. 🙄

So, here's the deal: You've *got* to pay closer attention to browser activity! Make it a point to check those extensions, really drill your employees on spotting phishing attempts, and maybe take another hard look at your DLP strategy. Oh, and let me repeat this loud and clear: Automated scans absolutely DO NOT equal a real penetration test! ☝️

What are your thoughts on this? Running into similar issues or have different experiences? Let me know! 🤔

🚨 Over 6 million Chrome users may have unknowingly installed extensions with hidden tracking code — some with spyware-like behavior.

Researcher John Tuckner from Secure Annex discovered 57 extensions, some of them public, others hidden and only accessible via direct URL. These extensions pose serious security and privacy risks.

Here’s what these extensions can do:
- Access cookies, including sensitive headers like 'Authorization'
- Monitor browsing behavior and collect top-visited sites
- Modify search engines and results
- Inject remote scripts into webpages via iframes
- Execute commands remotely, including opening/closing tabs
- Activate tracking features on demand

Some extensions claim to be security or privacy tools — including names like “Fire Shield Extension Protection,” “Securify,” and “Browser Checkup” — but contain heavily obfuscated code and suspicious external callbacks to domains like "unknow (dot) com".

📛 These extensions are:
- Not searchable on the Chrome Web Store
- Actively pushed via ads and shady websites
- Operating under broad permissions without clear purpose
- Still live in some cases, despite partial takedowns

Here are some of the most-downloaded suspicious extensions:
- Cuponomia – Coupon and Cashback (700,000 users)
- Fire Shield Extension Protection (300,000 users)
- Browser WatchDog for Chrome (200,000 users)
- Securify for Chrome™ (200,000 users)
- Total Safety for Chrome™ (300,000 users)

If you use Chrome:
- Review your installed extensions
- Remove any of the above immediately
- Reset passwords for accounts you’ve accessed recently
- Avoid installing browser tools from unverified sources

🔐 At @Efani we believe privacy tools shouldn’t come with surveillance built in. Always check extension permissions — and if it asks for too much, it’s probably taking more than it gives.

🚨 Think your browser extensions are harmless? Think again.

A new report just exposed a massive blind spot in enterprise security: browser extensions.

We all use them—spell checkers, grammar tools, even GenAI assistants. But according to the Enterprise Browser Extension Security Report 2025 by LayerX, the very tools we rely on every day are exposing sensitive enterprise data.

Here’s what the report found:

- 99% of employees use browser extensions
- 53% of those extensions can access sensitive data like cookies, passwords, and page contents
- 54% of extension publishers are unknown, often identified only by a Gmail address
- Over 20% use GenAI extensions, and 58% of these have high-risk permissions
- 51% of extensions haven’t been updated in a year, making them ripe for exploitation

The risk? A single compromised extension could give attackers a backdoor into your organization.

LayerX recommends five key actions for IT and security leaders:
- Audit every extension in use
- Categorize by usage and risk
- List out permissions granted
- Assess publisher reputation and sideloading risks
- Apply adaptive, risk-based enforcement policies

At @Efani, we advocate for secure-by-default environments—because your data protection shouldn’t rely on chance or outdated extensions.

If you’re not actively managing browser extension risks in your org, now’s the time.

Browser extensions... seriously? 🤯 Think of 'em like little backdoors straight into your systems.

Sure, things like spellcheckers and handy AI tools seem convenient, right? But the permissions they often demand? Honestly, it's often insane. 😵‍💫

Look, as a pentester, I strike gold with these *all the time*! 💰 We're talking cookies, passwords, browsing habits – sometimes it's all just wide open. And *then* people are shocked when they get hacked. 🤷‍♂️

Yeah, security awareness training definitely matters. But here’s what’s even more critical: you absolutely *need* to know which extensions your team is actually using! Go on, check those permissions thoroughly! Otherwise, you're just asking for trouble down the line. 💥

So, spill the beans: Which browser extension has given *you* a major headache before? Let's hear it!

🔒 The most secure browsers for your privacy: the 2025 guide

Have you ever thought about how much your browser exposes you online? The article looks at the best expert-tested alternatives:

✅ Built-in tracker blocking
✅ Anonymous searches
✅ Fingerprinting protection

Find out why the choice of browser is the first line of digital defence ➡️ [zdnet.com/article/best-browser]

@sicurezza@diggita.com


ZDNET: The best secure browsers for privacy in 2025: Expert tested. If you are looking for a secure browser, you must focus on privacy. The best options include ad blockers, private searches, and more.

Supply Chain Attack: Malicious Browser Extensions Target Users via Compromised Developer Accounts

In a sophisticated attack, threat actors exploited compromised developer accounts to distribute malicious browser extensions through the Chrome Web Store. This incident highlights the vulnerabilities ...

news.lavx.hu/article/supply-ch

The Browser as a New Cybersecurity Battleground: Evolving Threats and Defense Strategies

As cybercriminals shift their focus to browser-based attacks, traditional security measures are proving inadequate. This article explores the emerging threats within browsers and the need for innovati...

news.lavx.hu/article/the-brows

Yeah yeah, the list guy again. This time my research led me to so-called "text substitution tools", things like #ahk, sometimes also in the form of a browser extension. Not entirely harmless. That's also why I came across things like #ScamAdviser, #Virustotal or #BrowserAudit. Have a look at my small first research result:

y.lab.nrw/txt-clip (Hedgedoc)

Feel free to add to it if you know good solutions here.

\__
#OpenSource #BrowserSecurity #CyberSec #InfoSec