Sep 292011
 
 September 29, 2011  Breaches, Online

27 of a 100 tested Google Chrome extensions have been found vulnerable to data (passwords, history, etc.) extraction attacks though specially crafted malicious websites or by attackers on public WiFi networks.

[…]

But, there’s also good news: 49 of the 51 vulnerabilities found can be patched by simply adapting the extensions to use one of two offered Content Security Policies (CSP).

Read more on Help Net Security.

Sorry, the comment form is closed at this time.