The DarkSpectre threat actor, linked to China, has exposed a series of malicious browser extensions across Chrome, Edge, and Firefox, affecting over 8.8 million users worldwide. These extensions, including ShadyPanda, GhostPoster, and The Zoom Stealer, are designed for data theft, corporate espionage, and meeting information harvesting, often masquerading as legitimate tools for video conferencing and utilities. The campaigns have been active for over seven years, with some extensions still in the trust-building phase, posing significant risks to user privacy and corporate security.
Research reveals that four popular browser extensions, including Urban VPN Proxy, have been secretly harvesting and transmitting users' AI chat conversations to third parties, despite privacy claims. These extensions inject scripts into AI platforms like ChatGPT and Meta AI, capturing and sending chat data without user consent, raising significant privacy concerns. Users are advised to uninstall these extensions immediately to protect their data.
Nearly 1 million browser extensions across Chrome, Firefox, and Edge have been exploited to covertly turn browsers into web scraping bots for a paid service, leveraging a JavaScript library called MellowTel-js. These extensions, used for various benign purposes, are being used to bypass security protections and scrape websites on behalf of paying clients, including advertisers, raising significant security concerns.
Researchers uncovered Meta's new tracking technique exploiting a loophole to spy on users' web browsing, bypassing security protections on Android devices. This highlights the ongoing privacy risks posed by Meta's surveillance practices. To protect yourself, use privacy-focused browsers like Brave or DuckDuckGo, delete untrusted apps, install privacy extensions like Privacy Badger, and limit Meta's data use. The incident underscores the need for stronger privacy laws and better browser protections, especially in Chrome, which currently lacks robust tracker blocking.
Google will begin phasing out Manifest V2 extensions in Chrome starting June 3, 2024, weakening ad blockers and other extensions. Manifest V3 aims to improve security, privacy, and performance but poses challenges for developers. Enterprises have until June 2025 to transition. Popular ad blockers like uBlock Origin are adapting, but users may face limitations. Google claims 85% of actively maintained extensions have migrated to Manifest V3.
Google Chrome is transitioning from its older Manifest V2 extension system to the more limited Manifest V3 starting next week, despite controversy and criticism from groups like the Electronic Frontier Foundation. Manifest V3 aims to improve security and privacy but restricts capabilities of extensions, particularly ad blockers. Firefox will support Manifest V3 for compatibility but will continue to support V2. Users may need to find alternatives or switch to Firefox as V2 extensions are phased out.
Google is moving forward with its plan to phase out Manifest V2 browser extensions, including ad-blockers, in favor of the newer Manifest V3. Starting Monday, users of Chrome's Beta, Dev, and Canary builds will see warnings about the impending deactivation of V2 extensions. While Manifest V3 aims to improve performance, privacy, and security, it has faced criticism for potentially reducing the effectiveness of content-blocking extensions. Google has made some concessions to developers, but the transition will be fully enforced by early 2025, with enterprises given until June 2025.
YouTube users with ad blockers report videos skipping to the end or muting, affecting both Chrome and Firefox users. The issue, which began recently, is resolved by disabling ad blockers. YouTube states ad blockers violate their Terms of Service and suggests using YouTube Premium for an ad-free experience. Workarounds include switching to uBlock Origin, using incognito mode, or trying the Brave browser.
Here are 5 tips to enhance your YouTube experience: 1) Maximize video quality by adjusting settings on both web and mobile. 2) Put videos on a loop for continuous viewing. 3) Improve your recommendations by interacting with videos and managing your watch history. 4) Use keyboard shortcuts to navigate videos and playlists more efficiently. 5) Enhance your experience with browser extensions that add extra features like picture-in-picture and uninterrupted playback.
Here are 5 quick ways to improve your YouTube experience: 1) Maximize video quality by adjusting settings on web and mobile. 2) Put videos on a loop for continuous playback. 3) Improve recommendations by interacting with videos and managing watch history. 4) Use keyboard shortcuts for easier navigation. 5) Enhance features with browser extensions like Picture-in-Picture for Chrome and YouTube NonStop for Firefox.
Google Chrome is testing a new feature that will warn users when an installed extension has been removed from the Chrome Web Store, indicating it may be malware. The Chrome Web Store is flooded with unwanted extensions that can inject ads, track user activity, and even steal personal information. These extensions are quickly replaced by new ones after Google removes them. The Safety Check feature will alert users to uninstall extensions flagged as malware or removed from the store, providing better protection against potential threats.
1Password has launched public beta versions of its browser extensions for Safari, Chrome, Firefox, Edge, and Brave, adding passkey support for the web. The company has been working on full passkey support since it was first announced by the FIDO Alliance, and has been instrumental in helping websites adopt the more secure authentication standard with its Passage developer tool. Through its Watchtower feature, 1Password will also notify users when websites they use have been updated to support passkey.
Dodging spoilers online is becoming more difficult than ever, but there are ways to protect yourself. You can mute words on Twitter, clear your YouTube history and use the "not interested" button, avoid comment sections, and use browser extensions to block words and phrases. However, it's important to accept that you may still be spoiled no matter what.
