Quote:An exploit has been discovered that could allow ad blocking filter list maintainers for the Adblock Plus, AdBlock, and uBlocker browser extensions to create filters that inject remote scripts into web sites.
With ad blockers having a a user base of over 10 million installs, if malicious scripts were injected it would have a huge impact as they could perform unwanted activity such as stealing cookies, login credentials, causing page redirects, or other unwanted behavior.
For those who are unfamiliar with how ad blockers work, they utilize lists of URLs related to advertisements and malicious behavior and are typically maintained by a small team of people or even a single person. When these lists are loaded by an ad blocking extension, like Adblock Plus, the extension will prevent the browser from connecting to the listed URLs and thus advertisements or malicious scripts are unable to load.
SOURCE: https://www.bleepingcomputer.com/news/se...ious-code/
![[-]](https://www.geeks.fyi/images/collapse.png)
