CyberSecurity updates
2025-01-31 00:30:52 Pacfic
2025-01-31 00:30:52 Pacfic
Zero Day Chrome Extension OAuth Attack - 2d
A zero-day exploit was discovered in the OAuth implementation for Google Chrome extensions. This vulnerability allowed malicious actors to insert malicious code into Chrome extensions via a phishing campaign. The security flaw was identified by SquareX researchers just days before a widespread attack, highlighting the critical need for improved browser security and proactive detection methods for zero day vulnerabilities. This incident led to the hijacking of multiple Chrome extensions, compromising user security.