Security · 3h ago
Opera GX Bug Let Sites Silently Install Mods to Steal Data
A flaw in Opera GX allowed malicious websites to auto-install browser add-ons and extract data from visited pages. Researchers demonstrated extracting a signed-in Gmail address without any user interaction. Opera has patched the vulnerability and found no evidence of exploitation.
Meridian48 take
The attack required no clicks, highlighting how browser extension permissions can be weaponized—a reminder that even niche features like gaming mods need rigorous security review.
Read the full reporting
Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages →
The Hacker News
opera-gxbrowser-security