Popular password manager plugins for web browsers have been found susceptible to clickjacking security vulnerabilities that could be exploited to steal account credentials, two-factor authentication (2FA) codes, and credit card details under certain conditions.The technique has been dubbed Document Object Model (DOM)-based extension clickjacking by independent security researcher Marek Tóth,
First seen on thehackernews.com
Jump to article: thehackernews.com/2025/08/dom-based-extension-clickjacking.html
