Chrome extensions can steal plaintext passwords from websites(www.bleepingcomputer.com)

posted 1 year ago

flynnbot@lemmy.capebreton.socialMB

cybersecurity@lemmy.capebreton.social

5 commentshide report

Sort:

Hot Top Controversial New Old

[ - ]

gotnuffin@lemmy.world

1 point

1 year ago

Deleted by creator

permalink

report

[ - ]

CookieJarObserver@sh.itjust.works

4 points

1 year ago

Great!

permalink

report

[ - ]

wizardbeard@lemmy.dbzer0.com

3 points

1 year ago

There’s a bit of crying wolf here, as the problem is that extensions can access input fields that may be password fields (actual problem with extension access rights), and secondarily the researchers found sites storing passwords in plaintext in the page source (nothing to do with extensions having too much rights and everything to do with those sites being garbage).

Anyway, didn’t Chrome change how their extensions worked around a year ago to make them more secure and limit their access?

Thought it caused problems for ad-blockers. Guess it really was all about kicking adblockers and not a single bit about security for users.

permalink

report

[ - ]

EmperorHenry@infosec.pub

1 point

1 year ago

brave browser? adguard for desktop?

permalink

report

parent

[ - ]

argv_minus_one@beehaw.org

7 points

1 year ago

Well, yeah, of course they can. They can read the entire DOM, including the value of password fields. Were you expecting otherwise?

permalink

report

[ - ]

dingleberry@discuss.tchncs.de

0 points

1 year ago

That’s like 20 years old news.

permalink

report

Cybersecurity News

!cybersecurity@lemmy.capebreton.social

Create post

Welcome to Cybersecurity News!

A community that collect news and other tidbits related to cybersecurity in all its domains.

There are no hard and fast rules regarding what to post here-- we are fine with both pop news articles and more technical pieces regarding cybersecurity.

We use a bot called flynnbot to repost some rss feed content but the majority of posts are human-curated.

New to Cybersecurity?

Here are some resources to get you started:

Related Communities

!security_cpe@infosec.pub
!cybersecurity@zerobytes.monster
!packetstorm@zerobytes.monster
!security@programming.dev
!secops@lemmy.world
!cybersecurity@sh.itjust.works
!netsec@zerobytes.monster
!securitynews@infosec.pub
!cloudsecurity@infosec.pub
!netsec@links.hackliberty.org
!cybersecurity@infosec.pub
!cybersecuritymemes@lemmy.world

Community stats

1
Monthly active users
2.2K
Posts
589
Comments

Community stats

Community moderators