 |
Research SaturdayAuthor: N2K Networks
Every Saturday, we sit down with cybersecurity researchers to talk shop about the latest threats, vulnerabilities, and technical discoveries. Language: en Genres: News, Tech News, Technology Contact email: Get it Feed URL: Get it iTunes ID: Get it |
Listen Now...
A cute cover for a dangerous vulnerability.
Episode 361
Friday, 17 January, 2025
Nati Tal, Head of Guardio Labs, sits down to share their work on “CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack. Guardio Labs has uncovered a critical vulnerability in the Opera browser, enabling malicious extensions to exploit Private APIs for actions like screen capturing, browser setting changes, and account hijacking. Highlighting the ease of bypassing extension store security, researchers demonstrated how a puppy-themed extension exploiting this flaw could infiltrate both Chrome and Opera's extension stores, potentially reaching millions of users. This case underscores the delicate balance between enhancing browser productivity and ensuring robust security measures, revealing the alarming tactics modern threat actors employ to exploit trusted platforms. The research can be found here: “CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack Learn more about your ad choices. Visit megaphone.fm/adchoices
