HackerNews VN bot<p>Tin tức đáng chú ý: Một startup đang bị nghi ngờ sử dụng các tiện ích mở rộng của trình duyệt Chrome để tạo ra mạng botnet. Đây là một cảnh báo an ninh mạng nghiêm trọng, cho thấy tầm quan trọng của việc cẩn trọng khi cài đặt các extension.</p><p><a href="https://mastodon.maobui.com/tags/Botnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Botnet</span></a> <a href="https://mastodon.maobui.com/tags/ChromeExtensions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ChromeExtensions</span></a> <a href="https://mastodon.maobui.com/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.maobui.com/tags/SecurityAlert" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityAlert</span></a> <a href="https://mastodon.maobui.com/tags/Startup" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Startup</span></a> <a href="https://mastodon.maobui.com/tags/AnNinhMang" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AnNinhMang</span></a> <a href="https://mastodon.maobui.com/tags/Ti%E1%BB%87n%C3%8DchChrome" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TiệnÍchChrome</span></a> <a href="https://mastodon.maobui.com/tags/C%E1%BA%A3nhB%C3%A1oAnNinh" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CảnhBáoAnNinh</span></a> <a href="https://mastodon.maobui.com/tags/Kh%E1%BB%9FiNghi%E1%BB%87p" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KhởiNghiệp</span></a></p><p><a href="https://www.youtube.com/watch?v=r3NDk9UuPK8" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">youtube.com/watch?v=r3NDk9UuPK8</span><span class="invisible"></span></a></p>
veganism.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Veganism Social is a welcoming space on the internet for vegans to connect and engage with the broader decentralized social media community.
Administered by:
Server stats:
293active users
veganism.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.0-alpha.5
#chromeextensions
0 posts · 0 participants · 0 posts today
nemo™ 🇺🇦<p>🚨 Over 90 Chrome extensions—including big names like Avast, Trust Wallet & Browsec VPN—were found leaking sensitive data & credentials! 🕵️♂️🔑 Millions at risk from hardcoded secrets & unencrypted traffic. Stay safe & review your extensions!<br>Read more 👉 <a href="https://cyberinsider.com/over-90-chrome-extensions-found-exposing-sensitive-data-and-credentials/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cyberinsider.com/over-90-chrom</span><span class="invisible">e-extensions-found-exposing-sensitive-data-and-credentials/</span></a><br><a href="https://mas.to/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mas.to/tags/ChromeExtensions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ChromeExtensions</span></a> <a href="https://mas.to/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataLeak</span></a> <a href="https://mas.to/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://mas.to/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://mas.to/tags/newz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>newz</span></a></p>
Yellow Flag<p>I meant to publish a rant about Google and Chrome Web Store for a while now, and now it is out: <a href="https://palant.info/2025/01/13/chrome-web-store-is-a-mess/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">palant.info/2025/01/13/chrome-</span><span class="invisible">web-store-is-a-mess/</span></a></p><p>This details many of Google’s shortcoming at keeping Chrome Web Store safe, with the conclusion: “for the end users the result is a huge (and rather dangerous) mess.”</p><p>I am explaining how Google handled (or rather didn’t handle for most part) my recent reports. How they make reporting problematic extensions extremely hard and then keep reporters in the dark about the state of these reports. How Google repeatedly chose to ignore their own policies and allowed shady, spammy and sometimes outright malicious extensions to prevail.</p><p>There is some text here on the completely meaningless “Featured” badge that is more likely to be awarded to malicious extensions than to legitimate ones. And how user reviews aren’t allowing informed decisions either because Google will allow even the most obvious fakes to remain.</p><p>I’ve also decided to publish a guest post by a researcher who wanted to remain anonymous: <a href="https://palant.info/2025/01/13/biscience-collecting-browsing-history-under-false-pretenses/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">palant.info/2025/01/13/biscien</span><span class="invisible">ce-collecting-browsing-history-under-false-pretenses/</span></a></p><p>This post provides more details on BIScience Ltd., another company selling browsing data of extension users. <span class="h-card" translate="no"><a href="https://infosec.exchange/@tuckner" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tuckner</span></a></span> and I wrote a bit about that one recently, but this has been going on since at least 2019 apparently. Google allows it as long as extension authors claim (not very convincingly) that this data collection is necessary for the extension’s functionality. It’s not that Google doesn’t have policies that would prohibit it, yet Google chooses not to enforce those.</p><p><a href="https://infosec.exchange/tags/google" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>google</span></a> <a href="https://infosec.exchange/tags/cws" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cws</span></a> <a href="https://infosec.exchange/tags/ChromeExtensions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ChromeExtensions</span></a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/ChromeWebStore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ChromeWebStore</span></a></p>
VegansExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload