Guardio reveals a critical Opera vulnerability and how easily it could have been exploited via a Chrome Store extension, underscoring the need for heightened security.

Guardio's platform is a resource for cybersecurity professionals and internet users, offering insights into online security threats, malware protection, and data privacy. Through articles, security alerts, and educational resources, Guardio offers insights into common cybersecurity risks, security best practices, and digital hygiene habits. Readers can learn about protecting their devices from malware, securing their online accounts, and staying safe while browsing the internet to mitigate cyber threats and safeguard their personal information.

Guardio

Guardio Labs has identified and disclosed a serious Opera browser vulnerability, allowing malicious extensions to exploit Private APIs and perform actions such as screen capturing, browser setting changes, and account hijacking. This vulnerability can be exploited across different extension stores, as demonstrated via a malicious extension that bypassed security measures and was accepted into Google's Chrome Store. The case emphasizes the need for stringent review processes and continuous post-approval monitoring to safeguard against such threats.

“CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack

Breaking the Private API Bearier — With Extensions

The Art of Extension-Based Code Injection

Exploiting Private APIs with a POC Extension

If One Store is Closed, Somewhere Another is Open

“Privately-Stashing” A Cute Puppy Extension