AI & Machine Learning

When browser extensions become live surveillance

Ali Nemati5 days ago25 sec read13 views

Researchers discovered a seven-year campaign where hundreds of Chrome and Edge extensions were covertly turned into surveillance tools, harvesting sensitive user data and enabling remote code execution. This highlights the critical need for content creators to implement strict security measures, such as allow-lists and least privilege permissions, to protect against malicious extension updates and maintain user trust.

Read the full article at DEV Community

Want to create content about this topic? Use Nemati AI tools to generate articles, social posts, and more.

Comments

Security news weekly round-up - 13th March 2026

This week's security round-up highlights new vulnerabilities in AI systems like OpenClaw and Perplexity's Comet browser, where misconfigurations can lead to data breaches and phishing scams. Additionally, it reports on persistent malware affecting ro...

Ali Nemati

Legal & Policy7 hours ago30 sec read

The IRS's Verification System for Sharing Taxpayer Data With ICE Would Have Accepted 'Don't Care 12345' as a Valid Address

A federal judge found that the IRS violated federal law 42,695 times by sharing taxpayer addresses with ICE using a verification process so flawed it would accept nonsensical entries like "Don't Care 12345" as valid addresses. This incident highlight...

Ali Nemati

Cybersecurity9 hours ago23 sec read

Starbucks HR Portal Breach Exposes Employee Information

Starbucks experienced a data breach where attackers accessed employee information through phishing websites mimicking the company’s HR portal, exposing sensitive personal and financial details of hundreds of employees. This highlights the critical ne...

Ali Nemati

AI & Machine Learning12 hours ago24 sec read

I Built a Test Data Generator for 38 Countries - Here's What I Learned

An Android developer created Test Nexus to automate test data generation for 38 countries, addressing issues like incorrect phone number formats, invalid national IDs, and inconsistent address formats. This tool helps content creators ensure their ap...

Ali Nemati

Tech & Gadgets14 hours ago25 sec read

Launch HN: Captain (YC W26) - Automated RAG for Files

Captain, a new tool by Lewis and Edgar, automates the creation and maintenance of file-based RAG pipelines, simplifying unstructured data search for content creators by handling complex tasks like indexing, embedding, and re-ranking through a single ...

Ali Nemati

When browser extensions become live surveillance

Related Articles

Security news weekly round-up - 13th March 2026

The IRS's Verification System for Sharing Taxpayer Data With ICE Would Have Accepted 'Don't Care 12345' as a Valid Address

Starbucks HR Portal Breach Exposes Employee Information

I Built a Test Data Generator for 38 Countries - Here's What I Learned

Launch HN: Captain (YC W26) - Automated RAG for Files