New timing-based vulnerabilities known as DoubleClickjacking, which exploit the gap between the start of a click and the end of the second click, have been discovered. Paulos Yibleo, a security researcher, said these vulnerabilities leverage a double-click sequence that can bypass all known clickjacking protections and facilitate account takeovers on almost all major websites. Preventative measures include disabling critical buttons unless triggered by a mouse gesture or key press, as services like Dropbox already do.
January 4 tech news roundup: Google removes legit Chrome extension instead of a malware, Microsoft displays yet another ad on Windows 11, Honey’s Pie AdBlock extension comes under fire – FileHippo News January 4 tech news roundup: Google removes legit Chrome extension instead of a malware, Microsoft displays yet another ad on Windows 11, Honey’s Pie AdBlock extension comes under fire
Google removed the popular EditThisCookie extension, which has 3 million users, from its Chrome Web Store due to its lack of support for Manifest V3.
