Sveriges mest populära poddar
CyberWire Daily
NyheterDagliga nyheter

A cute cover for a dangerous vulnerability. [Research Saturday]

22 min18 januari 2025

Nati Tal, Head of Guardio Labs, sits down to share their work on “CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack. Guardio Labs has uncovered a critical vulnerability in the Opera browser, enabling malicious extensions to exploit Private APIs for actions like screen capturing, browser setting changes, and account hijacking.

Highlighting the ease of bypassing extension store security, researchers demonstrated how a puppy-themed extension exploiting this flaw could infiltrate both Chrome and Opera's extension stores, potentially reaching millions of users. This case underscores the delicate balance between enhancing browser productivity and ensuring robust security measures, revealing the alarming tactics modern threat actors employ to exploit trusted platforms.

The research can be found here:

Learn more about your ad choices. Visit megaphone.fm/adchoices

Fler avsnitt av CyberWire Daily

Visa alla avsnitt av CyberWire Daily
More bark than byte. [Research Saturday]
24 min
Factory reset required.
25 min
Gone with the command.
25 min
Klue me in on the breach.
28 min
All eyes on AI.
25 min
The Klue is in the data trail.
30 min
Vulnerability response: Built for humans, outpaced by machines. [CyberWire-X]
25 min
Navigating the GPS threat landscape, with Brandon Karpf. [T-Minus: Space-Cyber Briefing]
32 min
Peeling back Banana RAT. [Research Saturday]
29 min
CyberWire Daily at 10: A decade of leaks, espionage, and influence operations. [Special Edition]
26 min

CyberWire Daily med N2K Networks finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.