CSOonline

Chrome extension privacy promises undone by hardcoded secrets, leaky HTTP

Chrome extensions were spotted leaking sensitive browser data like API keys, secrets, and tokens via unguarded HTTP transmissions and hardcoded spills. Seemingly harmless Chrome extensions aimed at ...
Bleeping Computer

Google Chrome to warn users before opening insecure HTTP sites

Google announced today that the Chrome web browser will load all public websites via secure HTTPS connections by default and ask for permission before connecting to public, insecure HTTP websites, ...

Malicious Chrome extensions caught stealing sensitive data

Chrome extensions called "Phantom Shuttle" stole user data for years before Google removed them from the Chrome Web Store ...
Bleeping Computer

Malicious Chrome extensions with 1.7M installs found on Web Store

Almost a dozen malicious extensions with 1.7 million downloads in Google's Chrome Web Store could track users, steal browser activity, and redirect to potentially unsafe web addresses. Most of the add ...