• About TC
  • Affiliate Disclaimer
  • Privacy Policy
  • TOS
  • Contact
Wednesday, June 11, 2025
Techcratic
  • TC
  • AI
    Artificial Intelligence

    Bridging the Gap: New Datasets Push Recommender Research Toward Real-World Scale

    Artificial Intelligence

    7 Python Errors That Are Actually Features

    Artificial Intelligence

    10 Awesome OCR Models for 2025

    Artificial Intelligence

    5 Error Handling Patterns in Python (Beyond Try-Except)

    Artificial Intelligence

    Top 5 Alternative Data Career Paths and How to Learn Them for Free

    Artificial Intelligence

    Implementing Machine Learning Pipelines with Apache Spark

    Artificial Intelligence

    Learn Power BI for Free This Week

    Artificial Intelligence

    Build GraphRAG applications using Amazon Bedrock Knowledge Bases

    Artificial Intelligence

    How to Use Deep Research Like a Pro

  • Crypto
    Strategy Begins Nasdaq Trading of New Stock With $980M Bitcoin-Fueled Momentum

    Strategy Begins Nasdaq Trading of New Stock With $980M Bitcoin-Fueled Momentum

    Crypto Prices Set To Move Higher After US Progress on Trade

    Crypto Prices Set To Move Higher After US Progress on Trade

    Crypto ETF Surge: Bitcoin and Ether Funds Attract Over $550 Million as Inflows Continue

    Crypto ETF Surge: Bitcoin and Ether Funds Attract Over $550 Million as Inflows Continue

    From ETFs to Strategic Bitcoin Reserve: Inside Trump’s crypto playbook

    From ETFs to Strategic Bitcoin Reserve: Inside Trump’s crypto playbook

    Crypto Lost $1.64 Billion to Hackers in Q1 2025

    Why Is Crypto Up Today? – June 11, 2025

    UK FCA Creates New Deputy Chief Executive Role to Oversee Regulation of Stablecoin and Crypto Firms

    UK FCA Creates New Deputy Chief Executive Role to Oversee Regulation of Stablecoin and Crypto Firms

    Bitcoin Bull Cycle is Over: CryptoQuant CEO

    GameStop Bought 4,710 Bitcoin in 5 Weeks

    Moscow Exchange Launches Landmark Bitcoin Index

    Moscow Exchange Launches Landmark Bitcoin Index

    ETH Short Liquidations May Send Ether Price to $3K

    ETH Short Liquidations May Send Ether Price to $3K

  • Cybersecurity
    Cybersecurity

    5 Lessons from River Island

    Cybersecurity

    INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure

    Cybersecurity

    SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords

    Cybersecurity

    Researchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry Cloud

    Cybersecurity

    Adobe Releases Patch Fixing 254 Vulnerabilities, Closing High-Severity Security Gaps

    Cybersecurity

    Researcher Found Flaw to Discover Phone Numbers Linked to Any Google Account

    Cybersecurity

    CISA Adds Erlang SSH and Roundcube Flaws to Known Exploited Vulnerabilities Catalog

    Cybersecurity

    Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025

    Cybersecurity

    Empower Users and Protect Against GenAI Data Loss

  • Deals
    acer Aspire Premium Laptop | AMD Ryzen 7 5700U (Beats i7-1250U) CPU | 64GB RAM | 2TB SSD…

    acer Aspire Premium Laptop | AMD Ryzen 7 5700U (Beats i7-1250U) CPU | 64GB RAM | 2TB SSD…

    WALI Dual Monitor Mount, Adjustable Gas Spring Monitor Desk Stand for 2 Monitors, Heavy…

    WALI Dual Monitor Mount, Adjustable Gas Spring Monitor Desk Stand for 2 Monitors, Heavy…

    Lekvey Ergonomic Mouse, Vertical Wireless Mouse – Rechargeable 2.4GHz Optical Vertical…

    Lekvey Ergonomic Mouse, Vertical Wireless Mouse – Rechargeable 2.4GHz Optical Vertical…

    GTPLAYER Gaming Chair, Computer Office Chair with Pocket Spring Cushion, Linkage…

    GTPLAYER Gaming Chair, Computer Office Chair with Pocket Spring Cushion, Linkage…

    South Park: The Stick of Truth – Xbox 360 (Renewed)

    South Park: The Stick of Truth – Xbox 360 (Renewed)

    Dangerous Game: The Legacy Murders [DVD]

    Dangerous Game: The Legacy Murders [DVD]

    TOSY Flying Disc – 16 Million Colors RGB or 36 LEDs, Extremely Bright, Smart Modes,…

    TOSY Flying Disc – 16 Million Colors RGB or 36 LEDs, Extremely Bright, Smart Modes,…

    Transcend TS256GMTE220S 256GB M.2 PCIe Gen3x4 80mm Internal Solid State Drive

    Transcend TS256GMTE220S 256GB M.2 PCIe Gen3x4 80mm Internal Solid State Drive

    Cable Matters 10Gbps Short USB C to Micro USB 3.0 Cable – 1ft, USB-C Hard Drive Cable,…

    Cable Matters 10Gbps Short USB C to Micro USB 3.0 Cable – 1ft, USB-C Hard Drive Cable,…

  • Gaming
    Pokemon Violet Walkthrough Part 6: Paldea is Our Cloyster!

    Pokemon Violet Walkthrough Part 6: Paldea is Our Cloyster!

    How To Get KINGAMBIT in Pokemon Scarlet and Violet!

    How To Get KINGAMBIT in Pokemon Scarlet and Violet!

    Aniimo: Breaking Down This Beautiful Creature Collector – Sign Up for a Closed Beta!

    Aniimo: Breaking Down This Beautiful Creature Collector – Sign Up for a Closed Beta!

    Zelda Ocarina of Time HD 100% Walkthrough – Part 15 – Zora's Domain | King Zora

    Zelda Ocarina of Time HD 100% Walkthrough – Part 15 – Zora's Domain | King Zora

    My Let's Play Zelda Ocarina of Time Walkthrough 25 HD

    My Let's Play Zelda Ocarina of Time Walkthrough 25 HD

    The Legend of Zelda: Ocarina of Time Walkthrough! – #11

    The Legend of Zelda: Ocarina of Time Walkthrough! – #11

    European Broadcasting Union and NVIDIA Partner on Sovereign AI

    European Broadcasting Union and NVIDIA Partner on Sovereign AI

    Zelda Minish Cap 100% Walkthrough – Part 28/61 – Flippers, Bomb Bag & Quiver Upgrade (Commentary)

    Zelda Minish Cap 100% Walkthrough – Part 28/61 – Flippers, Bomb Bag & Quiver Upgrade (Commentary)

    Majora's Mask Walkthrough – 15 – Goron's Lullaby

    Majora's Mask Walkthrough – 15 – Goron's Lullaby

  • Tesla
    Dashboard Mobile Phone Holder, Non-Slip 360 Degree Rotatable Navigation Bracket,…

    Dashboard Mobile Phone Holder, Non-Slip 360 Degree Rotatable Navigation Bracket,…

    Skechers Car Floor Mats,Heavy Duty Rubber Car Mats Full Set,All WeatherFloor…

    Skechers Car Floor Mats,Heavy Duty Rubber Car Mats Full Set,All WeatherFloor…

    Center Console Organizer Behind Screen Storage Box for 2024 Tesla Cybertruck…

    Center Console Organizer Behind Screen Storage Box for 2024 Tesla Cybertruck…

    Tesla is done in Germany: 94% say they won’t buy a Tesla car

    Tesla owners sue to break their leases over Musk making the cars ‘far-right totems’

    Flag Pole Holder Kit for Tesla Cybertruck, Lymorexan L Track Flag Pole Mount Kit for…

    Flag Pole Holder Kit for Tesla Cybertruck, Lymorexan L Track Flag Pole Mount Kit for…

    3PCS Center Console Accessories for Tesla New Model Y Juniper 2025 Model 3 Highland 2024…

    3PCS Center Console Accessories for Tesla New Model Y Juniper 2025 Model 3 Highland 2024…

    Car Sound Deadening Roller, Audio Sound Deadener Application Installation Metal Seam…

    Car Sound Deadening Roller, Audio Sound Deadener Application Installation Metal Seam…

    iZEEKER 2.5K Dash Cam WiFi Dash Camera for Cars, Mini Car Camera 1440P Front Dashcams…

    iZEEKER 2.5K Dash Cam WiFi Dash Camera for Cars, Mini Car Camera 1440P Front Dashcams…

    2 Pack For Tesla Model X 2017-2024 Front/Back Under Seat Storage Organizer,TPE…

    2 Pack For Tesla Model X 2017-2024 Front/Back Under Seat Storage Organizer,TPE…

  • UFO
    Trump Discusses Drone Sightings Along US East Coast | #CISNewsStudio1s

    Trump Discusses Drone Sightings Along US East Coast | #CISNewsStudio1s

    Roswell Conspiracies: Aliens, Myths & Legends, Vol. 1

    Roswell Conspiracies: Aliens, Myths & Legends, Vol. 1

    5 Shocking Nature Sky Phenomena That Actually Happened!

    5 Shocking Nature Sky Phenomena That Actually Happened!

    UFO Hunters – Season 1 (History) (Steelbook) [DVD]

    UFO Hunters – Season 1 (History) (Steelbook) [DVD]

    The Bizarre Handbag Figure Found In Mesoamerica

    The Bizarre Handbag Figure Found In Mesoamerica

    NOVA: What are UFOs?

    NOVA: What are UFOs?

    They Are Already Here: UFO Culture and Why We See Saucers

    They Are Already Here: UFO Culture and Why We See Saucers

    Alien: Romulus

    Alien: Romulus

    Top 25 Alien Encounters: UFO Case Files Exposed [DVD]

    Top 25 Alien Encounters: UFO Case Files Exposed [DVD]

No Result
View All Result
  • TC
  • AI
    Artificial Intelligence

    Bridging the Gap: New Datasets Push Recommender Research Toward Real-World Scale

    Artificial Intelligence

    7 Python Errors That Are Actually Features

    Artificial Intelligence

    10 Awesome OCR Models for 2025

    Artificial Intelligence

    5 Error Handling Patterns in Python (Beyond Try-Except)

    Artificial Intelligence

    Top 5 Alternative Data Career Paths and How to Learn Them for Free

    Artificial Intelligence

    Implementing Machine Learning Pipelines with Apache Spark

    Artificial Intelligence

    Learn Power BI for Free This Week

    Artificial Intelligence

    Build GraphRAG applications using Amazon Bedrock Knowledge Bases

    Artificial Intelligence

    How to Use Deep Research Like a Pro

  • Crypto
    Strategy Begins Nasdaq Trading of New Stock With $980M Bitcoin-Fueled Momentum

    Strategy Begins Nasdaq Trading of New Stock With $980M Bitcoin-Fueled Momentum

    Crypto Prices Set To Move Higher After US Progress on Trade

    Crypto Prices Set To Move Higher After US Progress on Trade

    Crypto ETF Surge: Bitcoin and Ether Funds Attract Over $550 Million as Inflows Continue

    Crypto ETF Surge: Bitcoin and Ether Funds Attract Over $550 Million as Inflows Continue

    From ETFs to Strategic Bitcoin Reserve: Inside Trump’s crypto playbook

    From ETFs to Strategic Bitcoin Reserve: Inside Trump’s crypto playbook

    Crypto Lost $1.64 Billion to Hackers in Q1 2025

    Why Is Crypto Up Today? – June 11, 2025

    UK FCA Creates New Deputy Chief Executive Role to Oversee Regulation of Stablecoin and Crypto Firms

    UK FCA Creates New Deputy Chief Executive Role to Oversee Regulation of Stablecoin and Crypto Firms

    Bitcoin Bull Cycle is Over: CryptoQuant CEO

    GameStop Bought 4,710 Bitcoin in 5 Weeks

    Moscow Exchange Launches Landmark Bitcoin Index

    Moscow Exchange Launches Landmark Bitcoin Index

    ETH Short Liquidations May Send Ether Price to $3K

    ETH Short Liquidations May Send Ether Price to $3K

  • Cybersecurity
    Cybersecurity

    5 Lessons from River Island

    Cybersecurity

    INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure

    Cybersecurity

    SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords

    Cybersecurity

    Researchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry Cloud

    Cybersecurity

    Adobe Releases Patch Fixing 254 Vulnerabilities, Closing High-Severity Security Gaps

    Cybersecurity

    Researcher Found Flaw to Discover Phone Numbers Linked to Any Google Account

    Cybersecurity

    CISA Adds Erlang SSH and Roundcube Flaws to Known Exploited Vulnerabilities Catalog

    Cybersecurity

    Malicious Browser Extensions Infect 722 Users Across Latin America Since Early 2025

    Cybersecurity

    Empower Users and Protect Against GenAI Data Loss

  • Deals
    acer Aspire Premium Laptop | AMD Ryzen 7 5700U (Beats i7-1250U) CPU | 64GB RAM | 2TB SSD…

    acer Aspire Premium Laptop | AMD Ryzen 7 5700U (Beats i7-1250U) CPU | 64GB RAM | 2TB SSD…

    WALI Dual Monitor Mount, Adjustable Gas Spring Monitor Desk Stand for 2 Monitors, Heavy…

    WALI Dual Monitor Mount, Adjustable Gas Spring Monitor Desk Stand for 2 Monitors, Heavy…

    Lekvey Ergonomic Mouse, Vertical Wireless Mouse – Rechargeable 2.4GHz Optical Vertical…

    Lekvey Ergonomic Mouse, Vertical Wireless Mouse – Rechargeable 2.4GHz Optical Vertical…

    GTPLAYER Gaming Chair, Computer Office Chair with Pocket Spring Cushion, Linkage…

    GTPLAYER Gaming Chair, Computer Office Chair with Pocket Spring Cushion, Linkage…

    South Park: The Stick of Truth – Xbox 360 (Renewed)

    South Park: The Stick of Truth – Xbox 360 (Renewed)

    Dangerous Game: The Legacy Murders [DVD]

    Dangerous Game: The Legacy Murders [DVD]

    TOSY Flying Disc – 16 Million Colors RGB or 36 LEDs, Extremely Bright, Smart Modes,…

    TOSY Flying Disc – 16 Million Colors RGB or 36 LEDs, Extremely Bright, Smart Modes,…

    Transcend TS256GMTE220S 256GB M.2 PCIe Gen3x4 80mm Internal Solid State Drive

    Transcend TS256GMTE220S 256GB M.2 PCIe Gen3x4 80mm Internal Solid State Drive

    Cable Matters 10Gbps Short USB C to Micro USB 3.0 Cable – 1ft, USB-C Hard Drive Cable,…

    Cable Matters 10Gbps Short USB C to Micro USB 3.0 Cable – 1ft, USB-C Hard Drive Cable,…

  • Gaming
    Pokemon Violet Walkthrough Part 6: Paldea is Our Cloyster!

    Pokemon Violet Walkthrough Part 6: Paldea is Our Cloyster!

    How To Get KINGAMBIT in Pokemon Scarlet and Violet!

    How To Get KINGAMBIT in Pokemon Scarlet and Violet!

    Aniimo: Breaking Down This Beautiful Creature Collector – Sign Up for a Closed Beta!

    Aniimo: Breaking Down This Beautiful Creature Collector – Sign Up for a Closed Beta!

    Zelda Ocarina of Time HD 100% Walkthrough – Part 15 – Zora's Domain | King Zora

    Zelda Ocarina of Time HD 100% Walkthrough – Part 15 – Zora's Domain | King Zora

    My Let's Play Zelda Ocarina of Time Walkthrough 25 HD

    My Let's Play Zelda Ocarina of Time Walkthrough 25 HD

    The Legend of Zelda: Ocarina of Time Walkthrough! – #11

    The Legend of Zelda: Ocarina of Time Walkthrough! – #11

    European Broadcasting Union and NVIDIA Partner on Sovereign AI

    European Broadcasting Union and NVIDIA Partner on Sovereign AI

    Zelda Minish Cap 100% Walkthrough – Part 28/61 – Flippers, Bomb Bag & Quiver Upgrade (Commentary)

    Zelda Minish Cap 100% Walkthrough – Part 28/61 – Flippers, Bomb Bag & Quiver Upgrade (Commentary)

    Majora's Mask Walkthrough – 15 – Goron's Lullaby

    Majora's Mask Walkthrough – 15 – Goron's Lullaby

  • Tesla
    Dashboard Mobile Phone Holder, Non-Slip 360 Degree Rotatable Navigation Bracket,…

    Dashboard Mobile Phone Holder, Non-Slip 360 Degree Rotatable Navigation Bracket,…

    Skechers Car Floor Mats,Heavy Duty Rubber Car Mats Full Set,All WeatherFloor…

    Skechers Car Floor Mats,Heavy Duty Rubber Car Mats Full Set,All WeatherFloor…

    Center Console Organizer Behind Screen Storage Box for 2024 Tesla Cybertruck…

    Center Console Organizer Behind Screen Storage Box for 2024 Tesla Cybertruck…

    Tesla is done in Germany: 94% say they won’t buy a Tesla car

    Tesla owners sue to break their leases over Musk making the cars ‘far-right totems’

    Flag Pole Holder Kit for Tesla Cybertruck, Lymorexan L Track Flag Pole Mount Kit for…

    Flag Pole Holder Kit for Tesla Cybertruck, Lymorexan L Track Flag Pole Mount Kit for…

    3PCS Center Console Accessories for Tesla New Model Y Juniper 2025 Model 3 Highland 2024…

    3PCS Center Console Accessories for Tesla New Model Y Juniper 2025 Model 3 Highland 2024…

    Car Sound Deadening Roller, Audio Sound Deadener Application Installation Metal Seam…

    Car Sound Deadening Roller, Audio Sound Deadener Application Installation Metal Seam…

    iZEEKER 2.5K Dash Cam WiFi Dash Camera for Cars, Mini Car Camera 1440P Front Dashcams…

    iZEEKER 2.5K Dash Cam WiFi Dash Camera for Cars, Mini Car Camera 1440P Front Dashcams…

    2 Pack For Tesla Model X 2017-2024 Front/Back Under Seat Storage Organizer,TPE…

    2 Pack For Tesla Model X 2017-2024 Front/Back Under Seat Storage Organizer,TPE…

  • UFO
    Trump Discusses Drone Sightings Along US East Coast | #CISNewsStudio1s

    Trump Discusses Drone Sightings Along US East Coast | #CISNewsStudio1s

    Roswell Conspiracies: Aliens, Myths & Legends, Vol. 1

    Roswell Conspiracies: Aliens, Myths & Legends, Vol. 1

    5 Shocking Nature Sky Phenomena That Actually Happened!

    5 Shocking Nature Sky Phenomena That Actually Happened!

    UFO Hunters – Season 1 (History) (Steelbook) [DVD]

    UFO Hunters – Season 1 (History) (Steelbook) [DVD]

    The Bizarre Handbag Figure Found In Mesoamerica

    The Bizarre Handbag Figure Found In Mesoamerica

    NOVA: What are UFOs?

    NOVA: What are UFOs?

    They Are Already Here: UFO Culture and Why We See Saucers

    They Are Already Here: UFO Culture and Why We See Saucers

    Alien: Romulus

    Alien: Romulus

    Top 25 Alien Encounters: UFO Case Files Exposed [DVD]

    Top 25 Alien Encounters: UFO Case Files Exposed [DVD]

No Result
View All Result
Techcratic
No Result
View All Result
Home Cybersecurity

Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded Credentials

Cyber Security by Cyber Security
June 5, 2025
in Cybersecurity
Reading Time: 7 mins read
124 6
A A
0
Share on FacebookShare on XShare on LinkedIn

info@thehackernews.com (The Hacker News)
2025-06-05 11:53:00
thehackernews.com

Jun 05, 2025Ravie LakshmananBrowser Security / Online Safety

Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks.

“Several widely used extensions […] unintentionally transmit sensitive data over simple HTTP,” Yuanjing Guo, a security researcher in the Symantec’s Security Technology and Response team, said. “By doing so, they expose browsing domains, machine IDs, operating system details, usage analytics, and even uninstall information, in plaintext.”

The fact that the network traffic is unencrypted also means that they are susceptible to adversary-in-the-middle (AitM) attacks, allowing malicious actors on the same network such as a public Wi-Fi to intercept and, even worse, modify this data, which could lead to far more serious consequences.

Cybersecurity

The list of identified extensions are below –

  • SEMRush Rank (extension ID: idbhoeaiokcojcgappfigpifhpkjgmab) and PI Rank (ID: ccgdboldgdlngcgfdolahmiilojmfndl), which call the URL “rank.trellian[.]com” over plain HTTP
  • Browsec VPN (ID: omghfjlpggmjjaagoclmmobgdodcjboh), which uses HTTP to call an uninstall URL at “browsec-uninstall.s3-website.eu-central-1.amazonaws[.]com” when a user attempts to uninstall the extension
  • MSN New Tab (ID: lklfbkdigihjaaeamncibechhgalldgl) and MSN Homepage, Bing Search & News (ID: midiombanaceofjhodpdibeppmnamfcj), which transmit a unique machine identifier and other details over HTTP to “g.ceipmsn[.]com”
  • DualSafe Password Manager & Digital Vault (ID: lgbjhdkjmpgjgcbcdlhkokkckpjmedgc), which constructs an HTTP-based URL request to “stats.itopupdate[.]com” along with information about the extension version, user’s browser language, and usage “type”

“Although credentials or passwords do not appear to be leaked, the fact that a password manager uses unencrypted requests for telemetry erodes trust in its overall security posture,” Guo said.

Symantec said it also identified another set of extensions with API keys, secrets, and tokens directly embedded in the JavaScript code, which an attacker could weaponize to craft malicious requests and carry out various malicious actions –

  • Online Security & Privacy extension (ID: gomekmidlodglbbmalcneegieacbdmki), AVG Online Security (ID: nbmoafcmbajniiapeidgficgifbfmjfo), Speed Dial [FVD] – New Tab Page, 3D, Sync (ID: llaficoajjainaijghjlofdfmbjpebpa), and SellerSprite – Amazon Research Tool (ID: lnbmbgocenenhhhdojdielgnmeflbnfb), which expose a hard-coded Google Analytics 4 (GA4) API secret that an attacker could use to bombard the GA4 endpoint and corrupt metrics

  • Equatio – Math Made Digital (ID: hjngolefdpdnooamgdldlkjgmdcmcjnc), which embeds a Microsoft Azure API key used for speech recognition that an attacker could use to inflate the developer’s costs or exhaust their usage limits

  • Awesome Screen Recorder & Screenshot (ID: nlipoenfbbikpbjkfpfillcgkoblgpmj) and Scrolling Screenshot Tool & Screen Capture (ID: mfpiaehgjbbfednooihadalhehabhcjo), which expose the developer’s Amazon Web Services (AWS) access key used to upload screenshots to the developer’s S3 bucket

  • Microsoft Editor – Spelling & Grammar Checker (ID: gpaiobkfhnonedkhhfjpmhdalgeoebfa), which exposes a telemetry key named “StatsApiKey” to log user data for analytics

  • Antidote Connector (ID: lmbopdiikkamfphhgcckcjhojnokgfeo), which incorporates a third-party library called InboxSDK that contains hard-coded credentials, including API keys.

  • Watch2Gether (ID: cimpffimgeipdhnhjohpbehjkcdpjolg), which exposes a Tenor GIF search API key

  • Trust Wallet (ID: egjidjbpglichdcondbcbdnbeeppgdph), which exposes an API key associated with the Ramp Network, a Web3 platform that offers wallet developers a way to let users buy or sell crypto directly from the app

  • TravelArrow – Your Virtual Travel Agent (ID: coplmfnphahpcknbchcehdikbdieognn), which exposes a geolocation API key when making queries to “ip-api[.]com”

Attackers who end up finding these keys could weaponize them to drive up API costs, host illegal content, send spoofed telemetry data, and mimic cryptocurrency transaction orders, some of which could see the developer’s ban getting banned.

Adding to the concern, Antidote Connector is just one of over 90 extensions that use InboxSDK, meaning the other extensions are susceptible to the same problem. The names of the other extensions were not disclosed by Symantec.

Cybersecurity

“From GA4 analytics secrets to Azure speech keys, and from AWS S3 credentials to Google-specific tokens, each of these snippets demonstrates how a few lines of code can jeopardize an entire service,” Guo said. “The solution: never store sensitive credentials on the client side.”

Developers are recommended to switch to HTTPS whenever they send or receive data, store credentials securely in a backend server using a credentials management service, and regularly rotate secrets to further minimize risk.

The findings show how even popular extensions with hundreds of thousands of installations can suffer from trivial misconfigurations and security blunders like hard-coded credentials, leaving users’ data at risk.

“Users of these extensions should consider removing them until the developers address the insecure [HTTP] calls,” the company said. “The risk is not just theoretical; unencrypted traffic is simple to capture, and the data can be used for profiling, phishing, or other targeted attacks.”

“The overarching lesson is that a large install base or a well-known brand does not necessarily ensure best practices around encryption. Extensions should be scrutinized for the protocols they use and the data they share, to ensure users’ information remains truly safe.”

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.



Source Link


Upgrade your audio game with the Logitech for Creators Blue Yeti USB Microphone. With over 33,730 ratings and an impressive 4.6 out of 5 stars, it’s no wonder this is an Amazon’s Choice product. Recently, 5K+ units were purchased in the past month.

Available in five stunning colors: Teal, Silver, Pink Dawn, Midnight Blue, and Blackout, this microphone is perfect for creators looking to produce exceptional audio. Priced at only $84.99, it’s a deal you can’t afford to miss.

Elevate your recordings with clear broadcast-quality sound and explore your creativity with enhanced effects, advanced modulation, and HD audio samples. Order now for just $84.99 on Amazon!


Start your free Amazon Prime trial
today and unlock unlimited streaming and more!

Help Power Techcratic’s Future – Scan To Support

If Techcratic’s content and insights have helped you, consider giving back by supporting the platform with crypto. Every contribution makes a difference, whether it’s for high-quality content, server maintenance, or future updates. Techcratic is constantly evolving, and your support helps drive that progress.

As a solo operator who wears all the hats, creating content, managing the tech, and running the site, your support allows me to stay focused on delivering valuable resources. Your support keeps everything running smoothly and enables me to continue creating the content you love. I’m deeply grateful for your support, it truly means the world to me! Thank you!

BITCOIN

Bitcoin Logo

Bitcoin QR Code

bc1qlszw7elx2qahjwvaryh0tkgg8y68enw30gpvge

Scan the QR code with your crypto wallet app

DOGECOIN

Dogecoin Logo

Dogecoin QR Code

D64GwvvYQxFXYyan3oQCrmWfidf6T3JpBA

Scan the QR code with your crypto wallet app

ETHEREUM

Ethereum Logo

Ethereum QR Code

0xe9BC980DF3d985730dA827996B43E4A62CCBAA7a

Scan the QR code with your crypto wallet app

Please read the Privacy and Security Disclaimer on how Techcratic handles your support.

Disclaimer: As an Amazon Associate, Techcratic may earn from qualifying purchases.

Tags: Cybersecurity
Share161Tweet101Share28
Previous Post

Advertising strategies are changing with AI and data analysis tools

Next Post

3PCS Car Micro Squeegee Curves Slot Tint Tool Set, Auto Vinyl Wrap Tool Kit, 3 in 1…

Cyber Security

Cyber Security

Explore the critical updates and expert insights in cybersecurity. Stay protected and informed with the latest trends, threats, and solutions in the world of digital security. Find the latest articles here at Techcratic.

Related Posts

Cybersecurity
Cybersecurity

5 Lessons from River Island

June 11, 2025
1.3k
Cybersecurity
Cybersecurity

INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure

June 11, 2025
1.3k
Cybersecurity
Cybersecurity

SinoTrack GPS Devices Vulnerable to Remote Vehicle Control via Default Passwords

June 11, 2025
1.3k
Cybersecurity
Cybersecurity

Researchers Uncover 20+ Configuration Risks, Including Five CVEs, in Salesforce Industry Cloud

June 10, 2025
1.3k
Cybersecurity
Cybersecurity

Adobe Releases Patch Fixing 254 Vulnerabilities, Closing High-Severity Security Gaps

June 10, 2025
1.3k
Cybersecurity
Cybersecurity

Researcher Found Flaw to Discover Phone Numbers Linked to Any Google Account

June 10, 2025
1.3k
Load More
Next Post
3PCS Car Micro Squeegee Curves Slot Tint Tool Set, Auto Vinyl Wrap Tool Kit, 3 in 1…

3PCS Car Micro Squeegee Curves Slot Tint Tool Set, Auto Vinyl Wrap Tool Kit, 3 in 1...

Leaked Apple charger points to incredibly fast iPhone 17 MagSafe charging

Leaked Apple charger points to incredibly fast iPhone 17 MagSafe charging

Leveling up your Microsoft Store on Windows experience

Leveling up your Microsoft Store on Windows experience

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Your Tech Resources

  • 30 Second Tech ™
  • AI
  • App Zone ™
  • Apple
  • Ars Technica
  • CNET
  • ComputerWorld
  • Crypto News
  • Cybersecurity
  • Endgadget
  • Fossbytes
  • Gaming
  • GeekWire
  • Gizmodo
  • Google News
  • Hacker News
  • Harvard Tech
  • I Like Cats ™
  • I Like Dogs ™
  • LifeHacker
  • MacRumors
  • Macworld
  • Mashable
  • Microsoft
  • MIT Tech
  • PC World
  • Photofocus
  • Physics
  • Random Tech
  • Retro Rewind ™
  • Robot Report
  • SiliconANGLE
  • SlashGear
  • Smartphone
  • StackSocial
  • Tech Art
  • Tech Careers
  • Tech Deals
  • Techcratic ™
  • TechCrunch
  • Techdirt
  • TechRepublic
  • Techs Got To Eat ™
  • TechSpot
  • Tesla
  • The Verge
  • TNW
  • Trusted Reviews
  • UFO
  • VentureBeat
  • Visual Capitalist
  • Weird Stuff
  • Wired
  • ZDNet

Tech News

  • 30 Second Tech ™
  • AI
  • AnandTech
  • Apple Insider
  • Ars Technica
  • CNET
  • ComputerWorld
  • Crypto News
  • Cybersecurity
  • Endgadget
  • ExtremeTech
  • Fossbytes
  • Gaming
  • GeekWire
  • Gizmodo

Tech News

  • Harvard Tech
  • MacRumors
  • Macworld
  • Mashable
  • Microsoft
  • MIT Tech
  • Physics
  • PC World
  • Random Tech
  • Retro Rewind ™
  • SiliconANGLE
  • SlashGear
  • Smartphone
  • StackSocial
  • Tech Careers

Tech News​

  • Tech Art
  • TechCrunch
  • Techdirt
  • TechRepublic
  • Techs Got To Eat ™
  • TechSpot
  • Tesla
  • The Verge
  • TNW
  • Trusted Reviews
  • UFO
  • VentureBeat
  • Visual Capitalist
  • Weird Stuff
  • Wired
  • ZDNet

Site Links

  • About Techcratic
  • Affiliate Disclaimer
  • Affiliate Link Policy
  • Contact Techcratic
  • Dealors Discount Store
  • Privacy and Security Disclaimer
  • Privacy Policy
  • RSS Feed
  • Site Map
  • Support Techcratic
  • Techcratic
  • Tech Deals
  • TOS
  • 𝕏
Click For A Secret Deal

Techcratic – Your All In One Tech Hub © 2020 – 2025
All Rights Reserved
∞

No Result
View All Result
  • Home
  • Apple
  • Gaming
  • Microsoft
  • AnandTech