SquareX Uncovers "Browser Syncjacking" - A New Attack Vector that Turns Browser Extensions into Device Takeover Tools SquareX has just disclosed a novel attack technique that allows attackers to weaponize virtually any browser extensions, even those with basic permissions, to orchestrate a complete browser and device takeover through a three-stage attack: 1️⃣ Browser Profile Hijacking: silently authenticating and syncing a Chrome profile managed by the attacker's Google Workspace with the victim's browser 2️⃣ Browser Takeover: turning the victim's browser into a managed browser controlled by the attacker 3️⃣ Device Hijacking: full takeover of the victim's device, with access to all native apps Once a full device takeover happens, attackers can exfiltrate data from any web & native app, disable security features, secretly turn on device cameras & microphones, and even install further malicious extensions or executables. This attack is particularly potent as it involves: - Minimal permissions common to popular productivity tools such as Grammarly and Calendly, making all extensions a risk vector - Legitimate sites that are trusted by users - A small yet sophisticated social engineering step, with minimal user interaction - No visual change between a managed & unmanaged browser/profile - Runtime modifications to webpage content, which cannot be detected by static analysis of the extension's code The full technical details are now available at and over the next few days, we will be covering this attack extensively on our social media channels. 🔗 Technical blog: 🔗 Demo Videos: (part 1) & (part 2)

Attack Research: DeepSeek Phishing Sites A new attack surfaced 2 weeks ago exploiting DeepSeek's growing popularity. Malicious actors have created hundreds of convincing #DeepSeek clone sites, with fake #MetaMask QR codes to trick users into connecting their cryptocurrency wallets and potentially drain their funds. SquareX's advanced phishing detection algorithms provide protection against these threats by: ▪️ Automatically identifying and blocking malicious sites ▪️ Preventing users from encountering dangerous QR codes ▪️ Alerting administrators with comprehensive threat intelligence Learn more: #browsersecurity #browser #enterprise #BDR

RT @seasides_conf: The world pays attention when @getsquarex & @vivekramac build something remarkable. Now, it’s our turn to listen to Ale…

Comparison: Browser Detection and Response vs Enterprise Browsers #Enterprisebrowsers require significant change management and force users to abandon their preferred browsers, creating friction and reducing productivity. SquareX's Browser Detection & Response (BDR) solution deploys instantly as a lightweight extension on existing browsers while providing superior security capabilities, including advanced threat detection, isolation, and comprehensive threat hunting. Our browser-native approach delivers enterprise-grade security without disrupting user workflows. Want the complete comparison? Download our in-depth whitepaper: #browsersecurity #browser #enterprise #BDR

Essential reading for security teams evaluating their data protection strategy in 2025. Get your copy: #browsersecurity #browser #enterprise #BDR

Attack Research: Browser Syncjacking The third step of #BrowserSyncjacking allows attackers to take over the victim's full device. Once they have control, they can perform a wide range of devastating activities that put your entire organization at risk. Through registry entries that enable native messaging, the malicious extension can directly interact with local apps without authentication. This allows attackers to: - Access file systems — read, write, modify, or encrypt files across the entire system, including sensitive documents, credentials, and configuration files - Modify systems — install malware/rootkits, modify system settings, disable security software, create backdoors and establish persistence - Surveillance — capture keystrokes, record audio via microphone, access webcam, take screenshots, monitor clipboard content - Credential harvesting — steal saved passwords, access cryptocurrency wallets, steal authentication tokens and cookies - Remote control — execute commands, download malware, update malicious extensions, run applications with elevated privileges SquareX's Browser Detection and Response (BDR) prevents this attack chain at its source with upstream threat detection in the browser. Our browser-native solution monitors extension behavior in real-time, detecting and blocking any attempts to establish unauthorized native messaging capabilities. Learn more about the attack and how SquareX can protect you from malicious extensions: #browsersecurity #browser #enterprise #BDR

“You could actually take an excel document with a malicious macro, change the metadata of the author name, and it would bypass [webmail providers' scanning].” Join our Founder Vivek Ramachandran and 1Password’s Head of Password Manager Development Michael Fey on the Random But Memorable Podcast, where they discuss browser-native security, the mechanisms SquareX uses to stop browser threats, how the SquareX team discovered security flaws in top webmail providers — and more! Listen to the full episode at P.S. Shoutout to Producer Anna Eastick for putting this together!

Guide: Browser Detection and Response (BDR) The browser has become the new endpoint, yet it remains one of the most vulnerable points in enterprise security. Web-based threats are evolving faster than traditional security solutions can handle. Our BDR whitepaper explores: ▪️ Why browsers need dedicated security solutions ▪️ How BDR detects and prevents sophisticated client-side attacks ▪️ Real-time threat detection and response capabilities ▪️ Integration with existing security infrastructure A must-read for security leaders looking to strengthen their browser security posture. Download now: #browsersecurity #browser #enterprise #BDR

Thus, the attack can only be mitigated with a browser-native solution that truly understands the runtime behavior of each extension. Learn more about Browser Syncjacking at #browsersecurity #browser #enterprise #BDR

Comparison: Browser Detection and Response vs Secure Web Gateways Traditional #SWGs are blind to browser-level activities, attempting to infer applications-layer attacks solely from network traffic. Browser Detection & Response (BDR) solutions offer complete visibility into DOM mutations, user interactions, and browser context, catching sophisticated client-side attacks that SWGs miss entirely. SquareX, the industry's first BDR deploys instantly as a lightweight browser extension across your enterprise, protecting against 90+ unique web attacks through real-time detection and response. Want to see the full comparison? Download our comprehensive BDR whitepaper: #browsersecurity #browser #enterprise #BDR

Attack Research: Unofficial #DeepSeek Extensions DeepSeek has experienced a surge in popularity that has overwhelmed their servers, resulting in significant wait times for users. This has prompted the emergence of hundreds of unauthorized #Chrome extensions promising free access to DeepSeek's services, attracting thousands of users seeking to bypass the wait times. Our monitoring has detected hundreds of these extensions masquerading as legitimate DeepSeek services, but operating through newly registered domains instead of This is a classic #phishing setup that puts enterprise data at risk. These extensions can: ▪️ Harvest authentication tokens ▪️ Steal enterprise credentials ▪️ Expose intellectual property through unauthorized AI interfaces SquareX's Browser Detection and Response (BDR) solution lets you implement immediate blocking policies for all DeepSeek-related extensions across your organization. Since DeepSeek has no official extension, we can effectively block all extensions containing "DeepSeek" in their name or description. Protect your enterprise data from unauthorized #AI access points before a breach occurs. Learn more: #browsersecurity #browser #enterprise #BDR

The browser has become your employees' primary workspace. But what are the security implications? Swipe to find out ➡️ Learn more: #browsersecurity #browser #enterprise #BDR

Our founder and CEO Vivek Ramachandran shares with Aaron Raj why browsers are becoming the frontier for enterprise security. In this interview, Vivek explains how most breaches now happen at the application layer through malicious extensions and inadvertent data sharing, making browser monitoring critical. He also covers how SquareX's Browser Detection and Response (BDR) solution addresses this blind spot by detecting risky activities in real-time. Read the full article to learn why browser security will be crucial for enterprise defense in the coming years: #browsersecurity #browser #enterprise #BDR

The browser has become the new endpoint. Employees spend over 85% of their workday in browsers, accessing enterprise apps and sensitive data. Yet traditional security tools - #EDRs and #SWGs - weren't designed for the modern browser-first workplace. They can't see or stop sophisticated web attacks that live and die in the browser. SquareX's Browser Detection and Response (BDR) takes an attack-focused approach by detecting and blocking threats upstream, directly in the browser. Secure your browser: #browsersecurity #browser #enterprise #BDR @kkmookhey, @niiconsulting

Cybersecurity influencer and industry veteran Jane Frankland joins us on the Be Fearless Podcast to share her journey from design to security, evolving threats, the challenges women face in the field and how they can be overcome. "These attacks aren't just sophisticated - they're disruptive. They're stealing data and compromising accounts, all while flying under the radar of traditional defenses..." Find out what happens next in the full episode, coming soon! #cybersecurity #browsersecurity #browser #enterprise #BDR

Whitepaper: Browser Extensions Our comprehensive whitepaper examines the growing risks of browser extensions, including: 1️⃣ The rise of malicious extensions and supply chain attacks targeting developers 2️⃣ Why traditional security measures fail to detect sophisticated extension-based threats 3️⃣ How attackers exploit seemingly benign permissions for malicious purposes Download our whitepaper to understand why your organization needs a Browser Detection & Response (BDR) strategy to protect against extension-based attacks: #browsersecurity #browser #enterprise #BDR

Attack Research: Browser Syncjacking Attackers have found a new way to achieve complete device takeover: malicious browser extensions. #BrowserSyncjacking is a three-stage attack technique where a single malicious extension can be used to completely hijack the browser, and eventually, the whole device. These extensions only requires basic read/write capabilities, the same ones used by trusted tools like Grammarly and Calendly. What makes this attack especially potent is that traditional security tools can't detect Browser Syncjacking until it's too late, since the malicious activity only reveals itself at runtime. SquareX's Browser Detection and Response (BDR) takes a different approach. Our solution conducts dynamic analysis of extension behavior in real-time, catching sophisticated attacks that static analysis tools miss completely. Read more about how we're protecting enterprises against extension-based threats: #browsersecurity #browser #enterprise #BDR

📸You know an event has hit the mark when you're too engrossed in conversations to even think about photos! Our recent SquareX CISO Roundtable in Singapore, co-hosted with Eifion Jones (Global Head of Cyber at TENTEN Partners), turned into an evening of incredible insights and meaningful discussions. Leading CISOs from across Southeast Asia came together to explore critical cybersecurity challenges and solutions. Eifion shared his perspectives on: ▪️ The evolving employment landscape in Singapore ▪️ Contrasting CISO market dynamics: Asia vs Middle East Our founder Vivek Ramachandran dove deep into emerging web threats, including: ▪️ Our newly discovered Browser Syncjacking attack ▪️ Latest innovations in Browser DLP ▪️ Strategies for protecting against sophisticated identity attacks It was inspiring to see such engaged discussions about the future of enterprise security in a browser-first world. Special thanks to all the CISOs who joined us and made this evening truly memorable! Looking forward to hosting many more CISO Roundtables in 2025!

Case Study: Blocking access to sites from high-risk geographies Given the volatile geopolitical climate of today's world, state-backed cyber threats are on the rise. Security teams need granular control over which geographies their employees can access through the browser to maintain a strong security posture. SquareX's Browser Detection & Response (BDR) allows security teams to create sophisticated policies that automatically detect and block access to websites hosted in high-risk regions. When deployed, SquareX instantly identifies and blocks access attempts to sites hosted in specific geographies, protecting your organization from potential threats. Learn how SquareX provides real-time protection against malicious/suspicious websites without impacting employee productivity: #browsersecurity #browser #enterprise #BDR