There have been several cases in the past year of major software vendors inadvertently introducing vulnerabilities through browser extensions. Last August, it was reported that 4.7M Chrome users were at risk due to malicious code injected into eight different Chrome extensions. This past November, Cisco's Webex extension - a widely adopted video conferencing platform - was found to have multiple vulnerabilities.
Douglas (Doug) Wilson is the Director of Security at Uptycs. He has spent a large amount of his career advocating for open tools, organizations, and standards. He was formerly the spokesperson for OpenIOC, and helped to found and run OWASP DC. He has over 18 years of experience in a variety of Information Security and Technology positions. When not attached to a computer or traveling, he can be found at Scotch tastings, riding his bike around DC, and reliving his youth through cheering on the DC Breeze Pro Ultimate team.