Despite Google’s latest efforts to enhance security, many extensions continue to exploit loopholes in its latest extension framework, Manifest V3 (MV3), potentially exposing millions to data theft and malware. To improve browser extension security, SquareX is developing solutions including fine-tuned policies that allow administrators to decide which extensions to permit and real-time blocking of network requests made by extensions.
New ‘SleepyDuck’ Malware in Open VSX Marketplace Allow Attackers to Control Windows Systems Remotely
A sophisticated remote access trojan named SleepyDuck has infiltrated the Open VSX IDE extension marketplace, targeting developers using code editors like Cursor and Windsurf. The
