"More Than Half of Browser Extensions Pose Security Risks"

A new study found that many of the browser extensions organizations allow employees to use when working with Software-as-a-Service (SaaS) apps like Google Workspace and Microsoft 365 have access to high levels of content and pose risks such as data theft and compliance issues. Researchers at Spin.AI conducted a risk assessment on about 300,000 browser extensions and third-party OAuth applications used in enterprise environments. The focus was Chromium-based browser extensions for multiple browsers, including Chrome and Edge. The study revealed that 51 percent of all installed extensions posed a high risk and could cause extensive harm to the organizations that used them. The extensions could capture sensitive data from enterprise apps, execute malicious JavaScript, and send protected data, such as banking information and login credentials, to external parties. This article continues to discuss findings from Spin.AI's risk assessment of nearly 300,000 browser extensions. 

Dark Reading reports "More Than Half of Browser Extensions Pose Security Risks"