Browser Plugins and Extensions

Browser plugins and extensions extend the functionality of web browsers, such as adding ad-blocking or password management features. However, poorly coded or malicious plugins can inject scripts, capture keystrokes, and exfiltrate sensitive data. From a client-side security viewpoint, limiting the number of extensions installed, keeping them up to date, and reviewing their permissions can thwart many browser-based attacks. Security policies and corporate controls often restrict or whitelist certain plugins to avoid introducing vulnerabilities.