ExtensionPedia launches with risk scores for 200K browser add-ons
The new platform provides individuals and enterprises with detailed risk assessments for browser extensions available for Chrome, Edge, and Firefox, enabling users to review security scores before installation. ExtensionPedia also includes a knowledge centre featuring guidance on mitigating threats from malicious browser extensions.
Malicious browser extensions have been cited as a significant but overlooked identity security risk affecting both home and workplace users. Recent incidents, including multiple breaches over the past six months, have reportedly exposed nearly ten million users worldwide to risks such as identity theft and data leakage via compromised extensions. These risks have prompted warnings from law enforcement agencies such as the FBI.
One of the challenges users face is the complexity of extension trustworthiness, as extensions can be developed, modified, or compromised by malicious actors and redistributed widely. Access to complete, impartial risk information on individual extensions has not typically been available to the general public or organisations.
Extension stores typically apply only baseline verification processes to detect obvious malicious indicators in extensions. Deeper investigations into suspicious behaviour or complex risks usually fall outside their standard review procedures.
Or Eshed, Co-Founder and Chief Executive Officer of LayerX, explained the rationale behind the launch of ExtensionPedia: "While browser extensions are often considered harmless, in practice they are frequently granted extensive access permissions to users' identity information and data, leading hackers to use them as an attack channel for credential theft, account takeover and data theft."
He added, "When someone installs a browser extension – either for personal or work – users and their organisations have no idea what permissions each extension has, how reputable the extension author is and the risk profile of the extension. Our Browser Extension Risk Database and Knowledge Centre for the first time helps get the information individuals and enterprises to protect themselves."
ExtensionPedia's risk evaluations are based on anonymised data collected from millions of sessions using the LayerX platform, which operates as a user-centric extension for protecting identities directly within browsers.
Key features of ExtensionPedia include access to data on over 200,000 extensions across major browsers, integration with the LayerX management console, and availability for public use online. Each extension is given a detailed score based on parameters such as permission scope and reputation risk. Users can also view a single, unified risk score incorporating all available risk factors.
Additional information available through ExtensionPedia includes extension details, publisher data, and a range of articles and guides covering topics related to browser extension security and best practices for preventing malicious activity.
Individuals and organisations using ExtensionPedia can search for extensions by name or unique ID, review extensions by category—including GenAI, VPN tools, and password managers—and compare risk scores. The platform offers both high-level risk assessments and more granular, detailed breakdowns, including permission access and publisher reputation.
ExtensionPedia also features resources to help users educate themselves on the risks and protection strategies related to browser extensions.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
NZ Herald
5 hours ago
- NZ Herald
From Epstein's finances to his computers and his autopsy, there's a lot of relevant, unanswered questions
With the exception of redactions required to protect the innocent and materials that must be withheld while under court seal, the complete FBI files should be released. Here are nine unanswered questions about the Epstein case — ones that a curious, non-conspiracy-minded citizen might have — that the files might help answer: 1: How did Epstein make his money and how did he finance his sex-trafficking over two decades? At the time of Epstein's death in 2019, his estate was worth an estimated US$600 million ($990m). He worked briefly on Wall Street and built his wealth with the help of several billionaires, including the L Brands founder Leslie Wexner and the Apollo Global Management co-founder Leon Black, for whom Epstein provided consulting, tax advice and other financial services. But it's still not clear how Epstein amassed such a large fortune — or how he was able to fund such a complex trafficking scheme. Neither Wexner nor Black has been accused of wrongdoing by law enforcement in connection to Epstein's crimes, and both men have said that they did not know about his criminal behaviour. In addition to trafficking underage victims within the US, Epstein imported young women and children from Russia, Belarus, Turkey, and Turkmenistan, according to an investigation conducted by the office of Senator Ron Wyden of Oregon. This trafficking was presumably expensive. Treasury Department files reviewed by Wyden's staff members detail, among other things, 4725 wire transfers adding up to nearly US$1.1 billion associated with just one of Epstein's bank accounts. We need to follow the money. The FBI files may reveal more about the funding and other financial mechanics of Epstein's operation. 2: Did Epstein have any ties to spy agencies? Some have speculated that Epstein may have been acting as an intelligence asset. One suggestive comment was apparently made by Alexander Acosta when after the 2016 presidential election, he was being vetted for secretary of labour in Trump's first administration. Back in 2008, as the US Attorney for the Southern District of Florida, Acosta agreed to a lenient — and heavily criticised — plea deal that ended a federal investigation into Epstein. When asked in 2016 to explain that decision, Acosta reportedly said: 'I was told Mr Epstein 'belonged to intelligence' and to leave it alone'. Attorney-General Pam Bondi said this month that she did not know whether Epstein was an intelligence asset. 'To him being an agent,' she told reporters, 'I have no knowledge about that.' The FBI files could help resolve this matter. 3: Are there references to Trump in the files that add to our knowledge of his relationship with Epstein? Trump has acknowledged being friendly with Epstein for about 15 years, ending with a falling out over a real estate matter in 2004. Trump has not been accused by law enforcement of any wrongdoing related to Epstein, but his relationship with Epstein has come under scrutiny. During the 2024 presidential campaign, a model named Stacey Williams accused Trump of groping her in the presence of Epstein at Trump Tower in 1993 — a claim his campaign denied. The New York Times recently reported that one of Epstein's victims, Maria Farmer, said that in 1996 and in 2006, she urged the FBI to investigate Trump and others who had been in Epstein's orbit. Trump said to reporters last week that he hasn't been told whether he is in the FBI's Epstein files. If they are released, we could see if he is. 4: What about Bill Clinton? Collecting famous friends seemed to be integral to Epstein's business model — and Bill Clinton was the most famous. In a contact book, Epstein listed 21 different phone numbers for Clinton. The two men met decades ago, most likely through Epstein's close friend and co-conspirator Ghislaine Maxwell. The Daily Beast has reported that she and Epstein attended a reception hosted by Bill and Hillary Clinton in 1993. After he left office in 2001, Clinton flew on Epstein's private jets for 26 flights from 2002 to 2003, according to flight logs. Virginia Giuffre, the first of Epstein's victims to go public, once claimed that Epstein told her that Clinton 'owes me a favour.' Clinton has denied having a close relationship with Epstein and has said that he knew nothing about the crimes that Epstein was accused of. A full accounting of the FBI's Epstein files might help clarify the nature of Clinton's relationship with Epstein. 5: Who were the clients implicated in Epstein's sex-trafficking operation? The lawyer Alan Dershowitz, who joined Epstein's legal team in 2005 when Epstein was first under investigation, said that young women or girls interviewed by the FBI claimed to identify several of Epstein's clients. Dershowitz wrote recently that their identities 'should be disclosed but the courts have ordered them sealed'. He added: 'I know who they are. They don't include any current officeholders. We don't know whether the accusations are true.' Giuffre, who died by suicide in April, said that Epstein trafficked her to multiple men — including Dershowitz. Dershowitz denied her allegation and sued Giuffre for defamation. Giuffre later said she may have made a mistake in accusing him. Others she accused, including politicians in the US, have denied wrongdoing. Prince Andrew of Britain, whom she also accused, denied wrongdoing and settled out of court a lawsuit that she brought against him. What if anything did the FBI do to corroborate Giuffre's claims about Andrew? Did it investigate the authenticity of a photo showing her with Andrew — a photograph he has claimed may be a fake? 6: Who helped Epstein overseas? One associate of Epstein was the French modelling scout Jean-Luc Brunel, who faced his own allegations of sexual assault and died behind bars in Paris in 2022 while awaiting trial on rape charges. Brunel was accused of grooming minors and trafficking them to Epstein. After Epstein's conviction in Florida, court documents assert that Epstein continued his abuse of girls and had a steady supply of victims ferried to him in the US Virgin Islands. According to a lawsuit filed by the attorney-general of the Virgin Islands, Epstein used private planes, helicopters, boats and other vehicles to bring young women and girls to his island residence there. The scheme led to the molestation and exploitation of 'numerous' girls between aged 12 and 17, according to legal papers. The Miami Herald has reported that the US Marshals Service recorded the names of passengers on Epstein's planes when they arrived at airports in New York and the Virgin Islands. The Department of Homeland Security released some of those documents pursuant to a Freedom of Information Act request from the Miami Herald, but the names were redacted, with the exception of Epstein's. There is probably revealing information about Epstein's operation in the Virgin Islands in the FBI files. 7: What did investigators find in Epstein's safe, computers, and other property? An evidence inventory made during multiple investigations of Epstein by law enforcement resulted in a three-page index generated by the FBI. According to the index, the evidence included 40 computer and electronic devices, 26 storage drives, more than 70 CDs, and six recording devices — along with approximately 60 pieces of physical evidence, including photos, travel logs, and employee logs. The records, according to ABC News, also included three discs containing the outcome of court-authorised intercepts of a phone number previously belonging to Maxwell. This evidence represents a wealth of potential detail, and we're being denied access to it. Why hold this material back if properly redacted? 8: What do the videos show? Victims have said that Epstein had cameras in his homes. The Department of Justice and the FBI have said that the Epstein files contain more than 10,000 downloaded videos and images of illegal child sex material and other pornography. The AP recently reported on a court filing in which Epstein's estate was said to have located an unspecified number of videos and photos that it said might contain child sex abuse material. The FBI files could provide more details about when and where this material was uncovered. 9: What is in Epstein's autopsy report? The autopsy was performed by Kristin Roman, a forensic pathologist, at the direction of Dr Barbara Sampson, New York's chief medical examiner at the time. Sampson determined that Epstein died by suicide, but many are sceptical. Were DNA tests performed on the bedsheet that Epstein was said to have used to hang himself? If so, was any foreign DNA detected? Did investigators question inmates in nearby cells about what they heard or saw? Seeking answers to this and the other eight matters is the least we can do, not only for Epstein's victims but also for a nation that badly needs to restore its trust in government. This article originally appeared in The New York Times. Written by: Barry Levine Barry Levine is the author of The Spider: Inside the Criminal Web of Jeffrey Epstein and Ghislaine Maxwell and a co-author, with Monique El-Faizy, of All the President's Women: Donald Trump and the Making of a Predator. ©2025 THE NEW YORK TIMES
NZ Herald
a day ago
- NZ Herald
Google's AI investments drive $28.2b profit amid legal battles
Ad revenue at YouTube continues to grow, along with the video platform's subscription services, Alphabet reported. YouTube's ad revenue and premium subscriptions are rising. Photo / Getty Images Alphabet's cloud computing business is on pace to bring in US$50b over the course of the year, according to the company. 'With this strong and growing demand for our cloud products and services, we are increasing our investment in capital expenditures in 2025 to approximately [US]$85 billion and are excited by the opportunity ahead,' Pichai said. Alphabet shares were essentially flat in after-market trades that followed the release of the earnings figures. Investors have been watching closely to see whether the tech giant may be pouring too much money into artificial intelligence and whether AI-generated summaries of search results will translate into fewer opportunities to serve up money-making ads. The internet giant is dabbling with ads in its new AI Mode for online search, a strategic move to fend off competition from ChatGPT while adapting its advertising business for an AI age. The integration of advertising has been a key question accompanying the rise of generative AI chatbots, which have largely avoided interrupting the user experience with marketing messages. However, advertising remains Google's financial bedrock. Google and its rivals are spending billions of dollars on data centres and more for AI, while the rise of DeepSeek, the lower-cost model from China, raises questions about how much needs to be spent. DeepSeek, one of Google's competitors, raises concerns over data centre spending. Photo / Getty Images Anti-trust battles Meanwhile, the online ad business that generates the cash Google invests in its future could be neutered due to a defeat in a US anti-trust case. During the US summer of 2024, Google was found guilty by a federal judge in Washington of illegal practices it used in order to establish and maintain its monopoly in online search. The Justice Department is now demanding remedies that could transform the digital landscape: Google's divestiture from its Chrome browser and a ban on entering exclusivity agreements with smartphone manufacturers to install the search engine by default. District Judge Amit Mehta is considering 'remedies' in a decision expected in the coming days or weeks. In another legal battle, a different US judge ruled this year that Google wielded monopoly power in the online ad technology market, another legal blow that could rattle the tech giant's revenue engine. District Court Judge Leonie Brinkema ruled that Google built an illegal monopoly over ad software and tools used by publishers. Combined, the courtroom defeats have the potential to split Google up and curb its influence. Google said it is appealing both rulings. – Agence France-Presse
NZ Herald
17-07-2025
- NZ Herald
Teen dies after AI sextortion scam; rise in ‘nudify' app blackmail
'They are well financed, and they are relentless. They don't need the photos to be real, they can generate whatever they want, and then they use it to blackmail the child.' US investigators were looking into the case, which comes as nudify apps – which rose to prominence targeting celebrities – are being increasingly weaponised against children. The FBI has reported a 'horrific increase' in sextortion cases targeting US minors, with victims typically males between the ages of 14 and 17. The threat has led to an 'alarming number of suicides', the agency warned. After a Kentucky teenager's suicide, his parents found he was blackmailed over an AI-generated nude image. Photo / Getty Images In a recent survey, Thorn, a non-profit focused on preventing online child exploitation, found that 6% of American teens have been a direct victim of deepfake nudes. 'Reports of fakes and deepfakes – many of which are generated using these 'nudifying' services – seem to be closely linked with reports of financial sextortion, or blackmail with sexually explicit images,' the British watchdog Internet Watch Foundation (IWF) said in a report last year. 'Perpetrators no longer need to source intimate images from children because images that are convincing enough to be harmful – maybe even as harmful as real images in some cases – can be produced using generative AI.' The IWF identified one 'paedophile guide' developed by predators that explicitly encouraged perpetrators to use nudifying tools to generate material to blackmail children. The author of the guide claimed to have successfully blackmailed some 13-year-old girls. The tools are a lucrative business. A new analysis of 85 websites selling nudify services found they may be collectively worth up to US$36 million ($60.8m) a year. The analysis from Indicator, a US publication investigating digital deception, estimates that 18 of the sites made between US$2.6m and US$18.4m over the six months to May. Most of the sites rely on tech infrastructure from Google, Amazon, and Cloudflare to operate, and remain profitable despite crackdowns by platforms and regulators, Indicator said. The proliferation of AI tools has led to new forms of abuse impacting children, including pornography scandals at universities and schools worldwide, where teenagers created sexualised images of their own classmates. A recent Save the Children survey found that one in five young people in Spain have been victims of deepfake nudes, with those images shared online without their consent. Earlier this year, Spanish prosecutors said they were investigating three minors in the town of Puertollano for allegedly targeting their classmates and teachers with AI-generated pornographic content and distributing it in their school. In the United Kingdom, the Government this year made creating sexually explicit deepfakes a criminal offence, with perpetrators facing up to two years in jail. And in May, US President Donald Trump signed the bipartisan 'Take It Down Act', which criminalises the non-consensual publication of intimate images, while also mandating their removal from online platforms. Meta also recently announced it was filing a lawsuit against a Hong Kong company behind a nudify app called Crush AI, which it said repeatedly circumvented the tech giant's rules to post ads on its platforms. But despite such measures, researchers say AI nudifying sites remain resilient. 'To date, the fight against AI nudifiers has been a game of whack-a-mole,' Indicator said, calling the apps and sites 'persistent and malicious adversaries'. -Agence France-Presse
