
Edge extension uses Native Messaging to deliver malware.

A malicious Microsoft Edge extension abused Native Messaging to escape the browser sandbox and install a Python‑based backdoor on Windows hosts. Investigators observed this behavior within a ransomware attack chain, where the extension acted as a bridge to code execution outside the browser. No browser vulnerability was required; the extension leveraged the sanctioned Native Messaging channel to reach a system component and stage malware. The incident highlights risk to Edge users on Windows when untrusted extensions are present.

Audit and lock down Edge extensions, restrict or disable Native Messaging, allowlist only approved hosts, and monitor for browsers spawning Python or other unexpected processes.

Read the full daily briefing: https://kernelpanicbrief.substack.com
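The monitoring advice above, sketched as detection logic over process-creation records (an added example, not code from the video or its channel). The record fields, the allowlisted host path and the extension origin are constructed; it assumes the browser passes the calling extension's origin to the native host on the command line and that a `cmd.exe` may sit between the browser and the host, which is why the check walks ancestors instead of looking only at the direct parent.

```python
import ntpath

BROWSERS = {"msedge.exe"}
INTERPRETERS = {"python.exe", "pythonw.exe", "powershell.exe", "wscript.exe", "cscript.exe"}
# Hypothetical allowlist of approved native messaging host binaries (lowercase paths).
APPROVED_HOSTS = [r"c:\program files\contoso\sso_host.exe"]

# Constructed records (Sysmon Event ID 1 style). Real pipelines should key on ProcessGuid.
EXT = "chrome-extension://aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/"  # constructed extension origin
EDGE = r"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
CMD = r"C:\Windows\System32\cmd.exe"
ROWS = [  # (pid, ppid, image, cmdline)
    (100, 4, EDGE, "msedge.exe"),
    (200, 100, CMD, rf'cmd.exe /d /c "C:\Users\a\upd\host.bat" {EXT}'),
    (210, 200, r"C:\Users\a\upd\python.exe", "python.exe svc.py"),
    (300, 100, CMD, rf'cmd.exe /d /c "C:\Program Files\Contoso\sso_host.exe" {EXT}'),
    (310, 300, r"C:\Program Files\Contoso\sso_host.exe", f"sso_host.exe {EXT}"),
    (400, 4, r"C:\Python312\python.exe", "python.exe build.py"),  # not browser-launched
]
EVENTS = [dict(zip(("pid", "ppid", "image", "cmdline"), r)) for r in ROWS]

def _name(path):
    return ntpath.basename(path).lower()

def under_browser(event, by_pid, max_hops=4):
    """True if a browser is within max_hops ancestors of this process."""
    pid = event["ppid"]
    for _ in range(max_hops):
        parent = by_pid.get(pid)
        if parent is None or _name(parent["image"]) in BROWSERS:
            return parent is not None
        pid = parent["ppid"]
    return False

def detect(events):
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        text = (e["image"] + " " + e["cmdline"]).lower()
        if _name(e["image"]) in BROWSERS or not under_browser(e, by_pid):
            continue  # the browser's own processes, or nothing to do with it
        if any(host in text for host in APPROVED_HOSTS):
            continue  # launch of an allowlisted native messaging host
        if _name(e["image"]) in INTERPRETERS:
            alerts.append((e["pid"], "interpreter descended from browser"))
        elif "chrome-extension://" in text:
            alerts.append((e["pid"], "unapproved native messaging host launch"))
    return alerts
```

On the constructed records this flags the unapproved host launch and the Python process beneath it, while the allowlisted host and the unrelated Python build stay quiet.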

Video "Edge extension uses Native Messaging to deliver malware." from the channel The Kernel Panic Brief