Hackers using Browser Extensions
Here we go again
Chromium-based browsers, including Chrome, Edge, and Brave, manage installed extensions via JSON preference files stored under %AppData%\Google\User Data\Default\Preferences (for domain-joined machines) or Secure Preferences (for standalone systems). Synacktiv research indicates that by directly altering these files, attackers can make the browser load any extensions without the user’s consent or involvement from the Chrome Web Store.
Hackers Can Compromise Chromium Browsers in Windows by Loading Arbitrary Extensions
Chromium-based browsers, including Chrome, Edge, and Brave, manage installed extensions via JSON preference files stored under %AppData%GoogleUser DataDefaultPreferences (for domain-joined machines) or Secure Preferences (for standalone systems).
Florence Nightingale
Rather sneaky don't you think.
#enoughsaid