Unmasking Insecure Http Data Leaks In Popular Chrome Extensions
Symantec, Thursday, June 5th, 2025
Extensions analyzed expose information such as browsing domains, machine IDs, OS details, usage analytics, and more.
Many users assume that popular Chrome extensions adhere to strong security practices, especially when the extensions themselves promise functionality related to privacy, ranking analytics, or convenient new tab features. However, recent findings show that several widely used extensions-SEMRush Rank, PI Rank, MSN New Tab/Homepage, DualSafe Password Manager, and Browsec VPN-unintentionally transmit sensitive data over simple HTTP.