VulnHub

Real-time Cybersecurity News

Widely Used Browser Extensions Selling User Data

Infosecurity Magazine
Actively Exploited

Overview

Recent findings reveal that numerous browser extensions are selling user data, as disclosed in their privacy policies. These extensions, which are widely used, have been caught sharing sensitive information with third parties, raising significant concerns about user privacy and data security. The issue affects a broad range of users who rely on these extensions for various functionalities, including ad-blocking and productivity enhancements. The implications are serious, as users may unknowingly expose their personal data, browsing habits, and even login credentials. This situation calls for heightened scrutiny from both users and regulatory bodies to ensure that privacy standards are upheld and to protect individuals from potential misuse of their data.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Browser extensions that sell user data
  • Action Required: Users should review the privacy policies of their installed extensions, consider removing those that sell data, and look for alternatives that prioritize user privacy.
  • Timeline: Newly disclosed

Original Article Summary

Dozens of browser extensions openly sell user data via privacy policy disclosures

Impact

Browser extensions that sell user data

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Users should review the privacy policies of their installed extensions, consider removing those that sell data, and look for alternatives that prioritize user privacy.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Read Original Article

Related Coverage

Firefox and Tor Browser vulnerability allowed hidden identifiers

SCM feed for Latest

A vulnerability in Firefox and the Tor Browser has been discovered, linked to how IndexedDB, a database used by these browsers to store data, operates. This flaw can potentially expose hidden identifiers, which can compromise user privacy and anonymity. Both browsers are widely used, especially by individuals seeking enhanced privacy online, making this issue particularly concerning. Users of these browsers should be aware of the risks associated with this vulnerability, as it may allow malicious actors to track their online activities. It is crucial for users to stay updated with the latest browser patches to mitigate these risks.

Apr 27, 2026

BlackFile actively extorting data-theft victims in retail and hospitality sector

CyberScoop

A group of attackers known as BlackFile is actively extorting companies in the retail and hospitality sectors by threatening to release stolen data. Researchers believe these attackers are linked to another group called The Com. In a disturbing tactic, they have reportedly swatted company executives, which involves falsely reporting emergencies to law enforcement to create fear and pressure victims into complying with ransom demands. This aggressive strategy not only harms the targeted businesses but also raises concerns about the safety and privacy of their executives and employees. Companies in these sectors need to be vigilant about their cybersecurity measures and consider the potential risks of data breaches and extortion attempts.

Apr 27, 2026

Utilities Tech Supplier Itron Discloses Cyber-Attack, Operations Unaffected

Infosecurity Magazine

Itron, a technology supplier for utility companies, has reported a cyber incident but believes that its operations remain unaffected. The company has not provided detailed information about the nature of the attack or whether any sensitive data was compromised. Despite the incident, Itron reassured stakeholders that it does not expect any significant impact on its business. This revelation raises concerns about the cybersecurity measures in place within critical infrastructure sectors, as attacks on utility suppliers can have broader implications for service delivery and public safety. Stakeholders in the utilities sector should remain vigilant and conduct thorough assessments of their cybersecurity protocols.

Apr 27, 2026

Chinese spy posed as researcher in spear-phishing campaign targeting NASA to steal defense software

Security Affairs

A Chinese national executed a spear-phishing campaign targeting NASA employees by impersonating a U.S. researcher. This deception led to the unauthorized sharing of sensitive information related to defense software and export controls. The NASA Office of Inspector General is investigating the incident, which raises concerns about national security and the vulnerability of governmental agencies to social engineering attacks. Such incidents can have serious implications, as they may compromise sensitive technologies and data. The case underscores the need for enhanced cybersecurity measures and employee training to prevent future breaches.

Apr 27, 2026

LINKEDIN BROWSERGATE

Security Affairs

A recent investigation by Fairlinked, an organization representing LinkedIn users, alleges that LinkedIn is engaged in unauthorized user tracking through browser fingerprinting. This practice reportedly involves collecting device data and details from browser extensions, which are then sent to third parties in an encrypted format. The investigation claims this situation represents one of the largest data breaches and corporate espionage incidents in digital history. Users of LinkedIn may be unknowingly affected as their data could be used for tracking purposes without their consent. This raises significant privacy concerns and questions about how user data is managed by large platforms like LinkedIn.

Apr 27, 2026

20-Year-Old Malware Rewrites History of Cyber Sabotage

darkreading

Researchers have discovered a malware framework called 'fast16' that dates back to 2004, making it five years older than the notorious Stuxnet. This malware is believed to have been used in cyber sabotage efforts, potentially setting a precedent for future attacks on critical infrastructure. The implications of this discovery are significant, as it suggests that sophisticated cyber threats have been around longer than previously understood. Fast16’s existence raises concerns about the security of various industrial systems that may still be vulnerable to similar attacks. Understanding its capabilities and origins could help organizations better defend against current and future threats.

Apr 27, 2026