Recently Britton White and I published a paper on Redline info stealer to try to increase public awareness of how passwords can be stolen from your browser.
Here’s another risk. Ax Sharma reports:
Extended spellcheck features in Google Chrome and Microsoft Edge web browsers transmit form data, including personally identifiable information (PII) and in some cases, passwords, to Google and Microsoft respectively.
While this may be a known and intended feature of these web browsers, it does raise concerns about what happens to the data after transmission and how safe the practice might be, particularly when it comes to password fields.
Read more at BleepingComputer.
h/t, Joe Cadillic