研究人员发现密钥安全存在弱点,可被恶意浏览器扩展所利用。 Researchers find a vulnerability in passkey security that could be exploited by malicious browser extensions.

SquaX研究者发现,在密钥安全方面存在着脆弱性,可能使攻击者通过恶意浏览器扩展、银行、购物和企业应用程序面临风险,从而劫持登记程序。 SquareX researchers have identified a vulnerability in passkey security that could allow attackers to hijack the registration process via malicious browser extensions, putting banking, shopping, and enterprise apps at risk. 密钥是密码的安全替代品,使用加密钥匙对。 Passkeys, meant to be a secure alternative to passwords, use cryptographic key pairs. 这一缺陷暴露出需要更好地发现和减轻以浏览器为基础的攻击,因为目前的安全解决办法可能无法抓住这些机会。 This flaw exposes a need for better detection and mitigation of browser-based attacks, as current security solutions may not catch these exploits.