Security News > 2025 > March > Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials
2025-03-10 14:47
Cybersecurity researchers have demonstrated a novel technique that allows a malicious web browser extension to impersonate any installed add-on. "The polymorphic extensions create a pixel perfect replica of the target's icon, HTML popup, workflows and even temporarily disables the legitimate extension, making it extremely convincing for victims to believe that they are providing credentials to
News URL
https://thehackernews.com/2025/03/researchers-expose-new-polymorphic.html
Related news
- Australian pension funds hit by wave of credential stuffing attacks (source)
- Browser extensions make nearly every employee a potential attack vector (source)
- CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download (source)
- Three Reasons Why the Browser is Best for Stopping Phishing Attacks (source)
- Researchers Demonstrate How MCP Prompt Injection Can Be Used for Both Attack and Defense (source)
- Golden Chickens Deploy TerraStealerV2 to Steal Browser Credentials and Crypto Wallet Data (source)
- Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks (source)
- Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps (source)