Claude AI Extension Flaw Enables Cross-Plugin Hijacking
A security flaw in the Claude AI Chrome extension could put users at risk, as it allows other browser extensions to issue commands to Claude without verification. This vulnerability creates a backdoor for hackers to hijack the AI model, warns LayerX senior researcher Aviad Gispan.
#ClaudeAiExtensionFlaw #CrosspluginHijacking #BrowserSecurity #Vulnerability #Llm
Microsoft Edge Exposes Saved Passwords in Plaintext
Microsoft Edge's password management has a concerning vulnerability: it loads all saved passwords into browser memory in plaintext at startup, making it easier for hackers to steal credentials on compromised systems. This is in stark contrast to other Chromium-based browsers like Google Chrome and Brave, which only decryptβ¦
#BrowserSecurity #CredentialTheft #PlaintextPasswords #MicrosoftEdge #ChromiumbasedBrowsers
Microsoft Edge Exposes Saved Passwords in Cleartext
Storing passwords in plain text poses a significant risk, especially in shared environments, as a security researcher recently discovered that Microsoft Edge saves decrypted credentials in its memory, making them vulnerable to exposure. This flaw allows saved passwords to be accessible even when they're not in use.
#BrowserSecurity #MicrosoftEdge #PasswordExposure #CleartextStorage #EmergingThreats
New by me: Chromeβs Silent Gemini Nano Download Has a Consent Problem
https://www.kylereddoch.me/blog/chromes-silent-gemini-nano-download-has-a-consent-problem/
#Cybersecurity #InfoSec #Privacy #GoogleChrome #Google #AI #BrowserSecurity #DigitalPrivacy #Surveillance #TechNews
Google Chrome adds approximate location sharing on Android, giving users more control over privacy
https://fed.brid.gy/r/https://nerds.xyz/2026/05/chrome-approximate-location-sharing/
Firefox Exposed: AI Model Uncovers 271 Zero-Day Vulnerabilities
Meet the AI model that just supercharged Firefox security, uncovering a whopping 271 zero-day vulnerabilities that have now been squashed in the latest update to Firefox 150. This game-changing collaboration between Firefox and Anthropic's cutting-edge tools has made the browser safer than ever.
#ZeroDay #Firefox #AiModel #VulnerabilityManagement #BrowserSecurity
π‘οΈ Now Announcing: A New Cybersecurity Session at BSides Luxembourg
ππ’π π£π₯ππππ‘π¦ππ©π ππ₯ππ ππͺπ’π₯π ππ’π₯ ππ‘πππ¬πππ‘π ππ‘π πππ§πππ§ππ‘π π ππππππ’π¨π¦ ππ₯π’πͺπ¦ππ₯ ππ«π§ππ‘π¦ππ’π‘π¦ β Van Nguyen
Take a closer look at one of the webβs most overlooked threats in this 30-minute lightning talk session feature within the Actionable CTI and Detection Engineering Village. This session dives into the growing risk of malicious browser extensions and how they silently impact millions of users through tracking, redirects, ad injection, data theft, and other unwanted actions.
Built on a curated dataset of 460 malicious extensions removed from the Chrome Web Store, this talk presents a practical detection framework combining static and dynamic analysis techniques, including CodeQL and Python-based workflows. A valuable session for analysts, threat hunters, and defenders looking to better understand browser-based threats.
Van Nguyen is a Security Analyst with a strong background in Software Engineering, Machine Learning, and IT Security, currently focusing on modern threat analysis and detection methodologies.
π
Conference Dates: 6β8 May 2026 | 09:00β18:00
π 14, Porte de France, Esch-sur-Alzette, Luxembourg
ποΈ Tickets: https://2026.bsides.lu/tickets/
π
Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026
#BSidesLuxembourg2026 #ThreatIntelligence #DetectionEngineering #BrowserSecurity #CyberSecurity #Infosec
Mozilla Firefox uses AI to hunt bugs and suddenly zero days do not feel so untouchable
https://fed.brid.gy/r/https://nerds.xyz/2026/04/firefox-ai-bug-hunting/
Analyst207
N-gated Hacker News
Kyle Reddoch (CybersecKyle)
NERDS.xyz β Real Tech News for Real Nerds [Unofficial]
OffSequence
BSidesLuxembourg