A recent report reveals that popular Chrome extensions are leaking sensitive user data over insecure HTTP connections, exposing users to security risks. Users and developers are urged to switch to HTTPS to protect privacy and prevent MITM attacks. #ChromeExtensions #HTTPLeaks
Keypoints
- Several widely-used Chrome extensions transmit sensitive data over unencrypted HTTP connections.
- Extensions like SEMRush Rank, PI Rank, and Browsec VPN leak browsing data and user information, risking MITM attacks.
- Browsec VPNâs uninstall process and manifest permissions reveal user statistics and connection details via HTTP.
- Microsoft-branded extensions such as MSN New Tab leak persistent Machine IDs and OS details, enabling user profiling.
- Even security-focused tools like DualSafe Password Manager send telemetry data insecurely, undermining trust.
Views: 29