ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
HIGH Cybersecurity

Chrome/Edge ModHeader removed after dormant browsing-history collector found

Source headline: Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found

Threat level High
Signal strength 75/100
Source confidence 1 source
Published 2 days ago

Intelligence Summary

Google and Microsoft have removed the ModHeader extension from their Chrome and Edge stores. Researchers reported that the official store version contained a hidden browsing-history collector. The collector appeared dormant, with an empty allow-list that kept it inactive. No evidence has been shown that it ever collected or transmitted browsing data. Users should stop using ModHeader and update/replace it with an alternative to avoid potential future exposure.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#supply-chain #privacy #chrome #browser-extension #edge #modheader
Original reporting The Hacker News Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found
Open original source