Google this week offered reassurance that its vetting of Chrome extensions catches most malicious code, even as it acknowledged that “as with any software, extensions can also introduce risk.” Coincidentally, a trio of researchers affiliated with Stanford University in the US and the CISPA Helmholtz Center for Information Security in Germany just published a paper about recent Chrome Web Store data that suggest the risk posed by browser extensions is far greater than Google admits to.

Source: The Register