Google Chrome browser extensions expose users to hackers who can easily tap into their private data, including social security numbers, passwords and banking information, according to researchers at the University of Wisconsin-Madison (UW-M).
The researchers further uncovered vulnerabilities involving passwords that are stored in plain text within HTML source code on web sites of some of the world’s largest corporate giants, including Google, Amazon, Citibank, Capital One and the Internal Revenue Service.
The problem stems from the manner in which extensions access internal web page code.
Leave a reply