Two critical vulnerabilities discovered in popular AI-powered Chrome extensions, SiderAI and MaxAI, could allow attackers to silently compromise browser sessions, steal sensitive data, and execute full account takeovers across any website. Dubbed “Spyder” and “MaXSS” respectively, both flaws remain unpatched after vendors failed to respond to responsible disclosure attempts. Rebora Security Research identified the flaws in a new class of […]
The post Critical Chrome Extension Vulnerabilities Enable Browser Compromise Attacks appeared first on Cyber Security News.