Hacker News
by _slih 132 days ago
Companies spend a fortune on endpoint security and then let employees install random Chrome extensions with full page access. I've seen AWS console sessions running in browsers with a dozen extensions nobody's ever audited. The extension store is basically a supply chain attack marketplace at this point.