all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions

Add to bookmarks
March 27, 2024, 12:54 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users' systems and carry out malicious actions. 
"This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user's knowledge," Guardio

actions api attacker attackers browser bug edge exploit extensions flaw install malicious malicious extensions marketing microsoft microsoft edge private security security flaw systems web web browser

Visit resource

More from thehackernews.com / The Hacker News

Bogus npm Packages Used to Trick Software Developers into Installing Malware 6 hours ago | thehackernews.com
backdoor bogus campaign cybersecurity +25
Severe Flaws Disclosed in Brocade SANnav SAN Management Software 21 hours ago | thehackernews.com
application area brocade compromise +17
10 Critical Endpoint Security Tips You Should Know 1 day ago | thehackernews.com
breaches business connectivity critical +20
New 'Brokewell' Android Malware Spread Through Fake Browser Updates 1 day ago | thehackernews.com
analysis android android malware banking +15
Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack 1 day, 1 hour ago | thehackernews.com
alto attack command critical +23
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites 1 day, 5 hours ago | thehackernews.com
accounts admin automatic bug +18
North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures 1 day, 18 hours ago | thehackernews.com
access actor binary called +19
Network Threats: A Step-by-Step Attack Demonstration 2 days ago | thehackernews.com
access advanced attack attackers +21
DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions 2 days ago | thehackernews.com
arrest arrests called criminal +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Director, Cybersecurity - Governance, Risk and Compliance (GRC)

@ Stanley Black & Decker | New Britain CT USA - 1000 Stanley Dr
View on infosec-jobs.com

Information Security Risk Metrics Lead

@ Live Nation Entertainment | Work At Home-Connecticut
View on infosec-jobs.com

IT Product Owner - Enterprise DevSec Platform (d/f/m)

@ Airbus | Hamburg - Finkenwerder
View on infosec-jobs.com

Senior Information Security Specialist

@ Arthur Grand Technologies Inc | Arlington, VA, United States
View on infosec-jobs.com

Information Security Controls SME

@ Sword | Aberdeen, Scotland, United Kingdom
View on infosec-jobs.com
View more jobs