Malicious browser extensions are a growing threat that often go overlooked. In this episode, Brad and Spencer break down why these extensions are dangerous and what you can do to protect yourself and your organization.
- The hidden risks and attack potential of browser extensions
- How threat actors leverage browser extensions for stealing data, cookies, and session tokens
- Why traditional endpoint security tools often miss these threats
- Real-world examples of hijacked popular extensions and marketplace risks
- Practical steps for detecting, mitigating, and managing browser extensions in your environment
Check out these resources:
Annex – Enterprise Software Extension Security & Management
Blog:Â https://offsec.blog/
Youtube:Â https://www.youtube.com/@cyberthreatpov
Twitter:Â https://x.com/cyberthreatpov
Follow Spencer on social ⬇
Spencer’s Links:Â https://spenceralessi.com
Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.