all InfoSec news
I discovered a vulnarable extension. What to do?
Jan. 5, 2022, 4:23 p.m. | /u/shopovbogomil
cybersecurity www.reddit.com
Today I found vulnerability in a chrome plugin that allows attackers to create, with easy, phishing attacks and try other attempts.
I reported it to Google and to the makers, but in case no one reacts what do you think next step should be?
The basics is - in the plugin there is a API point of sending e-mails with the credentials in plaintext inside the plugin.
The attack three could be like this:
- an attacker could use it …
!-->More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Security Operations Manager (f/d/m), 80-100%
@ Alpiq | Lausanne, CH
Project Manager - Cyber Security
@ Quantrics Enterprises Inc. | Philippines
Sr. Principal Application Security Engineer
@ Gen | DEU - Tettnang, Kaplaneiweg
(Senior) Security Architect Car IT/ Threat Modelling / Information Security (m/f/x)
@ Mercedes-Benz Tech Innovation | Ulm
Information System Security Officer
@ ManTech | 200AE - 375 E St SW, Washington, DC