"Your Browser Extension Could Grab Your Password and Sensitive Info"

A team of digital security researchers at the University of Wisconsin-Madison discovered that some widely used websites are vulnerable to browser extensions capable of extracting sensitive information from HTML code, including passwords, credit card numbers, and social security numbers. About 15 percent of the more than 7,000 websites examined by the researchers retain sensitive information as plain text in their HTML source code. Although many security measures prevent hackers from accessing this information, the team hypothesized that it could be possible to uncover it using a browser extension. A malicious extension could execute JavaScript code to steal login credentials, passwords, and other sensitive information. This article continues to discuss the researchers' findings.

The University of Wisconsin-Madison reports "Your Browser Extension Could Grab Your Password and Sensitive Info"

Submitted by grigby1
 

Submitted by Gregory Rigby on