Research reveals how these simple Chrome extensions are hawking your privacy

Research shows that even simple Chrome extensions can quietly invade user privacy, with some hijacking clipboards, ...
SecurityWeek

‘PackageGate’ Flaws Open JavaScript Ecosystem to Supply Chain Attacks

Vulnerabilities in the NPM, PNPM, VLT, and Bun package managers could lead to protection bypasses and arbitrary code ...
SecurityWeek

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

LayerX discovered 16 extensions in the Chrome Web Store and Microsoft Edge Add-ons marketplace that steal users’ ChatGPT ...

Automated Accessibility Testing on the Web: Possibilities and Limitations

Tools can help check the accessibility of web applications – but human understanding is required in many areas.

Malicious Chrome Extensions found on Web Store, Over 1 lakh users at risk: Remove now

Security researchers have discovered several malicious Chrome extensions on the official Chrome Web Store that can steal user data and compromise privacy. Some of these extensions are still available ...

Browser-based attacks hit 95% of enterprises — and traditional security tools never saw them coming

Omdia research shows 95% of organizations faced browser-based attacks last year. CrowdStrike's CTO and Clearwater Analytics' ...

New malware service guarantees phishing extensions on Chrome web store

A new malware-as-a-service (MaaS) called 'Stanley' promises malicious Chrome extensions that can clear Google's review ...

Malicious Microsoft AI extensions might have hit over 1.5 million users

Two VSCode extensions are harvesting sensitive data and sending it to China.
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
Visual Studio Magazine

What a Difference a VS Code Fork Makes: Antigravity, Cursor and Windsurf Compared

VS Code forks like Cursor, Windsurf, and Google Antigravity may share a common foundation, but hands-on testing shows they ...
PCMag on MSN

Using browser extensions to translate or download videos? Better check they're not one of these 17 malicious add-ons

Cybersecurity firm LayerX uncovers 17 malicious extensions that can enable click fraud, user tracking, and more. The most popular extension was downloaded more than 500K times.
GitHub

My Code Activity Extension

Track your coding activity automatically and build a comprehensive history of your development journey. This VS Code extension seamlessly records your coding sessions and commits them to a GitHub ...