Distributors of unwanted Chrome extensions are coming up with new, sneaky, and simple methods to trick users into installing their extensions now that Google has banned inline installs.
In an announcement today, Google has stated that they are dropping the hammer on malicious extensions and will no longer tolerate ones that ask for powerful permissions for no reason, use external scripts, or obfuscate their code.
Malwarebytes has released a Chrome and Firefox extension called "Malwarebytes Browser Extension (BETA)" that aims to protect your computer while browsing the web. When installed, this extension will block malicious sites, popups, tech support scams, and also acts as an advertising and tracking blocker.
In what appears to be one gigantic goof, Google removed the official Chrome extension of the Metamask Ethereum wallet from the Chrome Web Store but left a fake one unharmed.
An investigation by AdGuard, an ad-blocking platform, has revealed a common link between several Chrome and Firefox extensions and Android & iOS apps that were caught collecting highly personal user data through various shady tactics.
Opera 55 Beta, released last week, allows users, for the first time, to install Chrome extensions from Google's official Web Store with one click and no other trickery involved.
A new Chrome Extension called "Windows Timeline for Chrome" is being developed that will send Chrome Activity to the Microsoft Graph. This will allow sites visited by Chrome to appear in the Windows 10 Timeline.
A hacker has breached a Hola VPN developer account and has replaced the official Chrome extension with one that redirected users of the MyEtherWallet.com website to a phishing page controlled by the attacker.
Google and Mozilla have removed the Stylish browser extension from their respective add-on stores after the publication of a report this week that accused the extension of logging users' browser histories and sending the data to remote servers.
Google announced plans today to gradually remove the option of installing Chrome extensions from a remote website, also known as an "inline installation."
Microsoft has released a Chrome extension named "Windows Defender Browser Protection" that ports Windows Defender's —and inherently Edge's— anti-phishing technology to Google Chrome.
Software developer Marco Chiappetta has built a Google Chrome extension that can detect attempts to fingerprint text using the "zero-width character" technique.
Google announced that effective today, the Chrome Web Store review staff would stop accepting new extensions on the Web Store that perform cryptocurrency mining operations.
The team from Phish.ai has developed and released a Google Chrome extension that can detect when users are accessing domains spelled using non-standard Unicode characters and warn the users about the potential of a homograph attack.
With the recent report of Facebook user's data being harvested and used for information warfare, many people are looking to delete their accounts or at least their Facebook posts in order to have a clean slate. Deleting posts, though, can be a very time consuming task as you normally would have to go into each and every post and manu
Just three months after Princeton researchers were warning users of the dangers of "session replay" attacks, developers of malicious Chrome extensions have incorporated this "trick" into their latest "releases."
Security researchers from US cyber-security firm ICEBRG have spotted four Chrome extensions featuring malicious code that were available through the official Chrome Web Store.
Security researcher Bryan Campbell discovered a malicious Chrome extension today that is masquerading as the legitimate MinerBlock extension. The legitimate MinerBlock extension is used to block sites that utilize in-browser cryptocurrency mining, while the malicious version causes Chrome to repeatedly play videos in the background.