Cybersecurity researchers uncovered five malicious Chrome extensions impersonating tools like Workday and NetSuite, which steal authentication cookies, manipulate web content, and enable account takeovers. These threats, part of broader campaigns, risk exposing corporate secrets and highlight the need for vigilant extension management and enhanced browser security.
The WhisperPair vulnerability in Google's Fast Pair protocol exposes millions of Bluetooth earbuds and headphones from brands like Sony and Anker to silent hijacking, enabling eavesdropping, tracking, and microphone access without user interaction. Manufacturers are issuing patches, but users should update firmware promptly to mitigate privacy risks.
|
