Breach Roundup: Microsoft Edge Turns Passwords Into Targets
Security researcher Tom Jøran Sønstebyseter Rønning discovered Microsoft Edge loads saved passwords into memory in plaintext upon startup, exposing users to credential theft risks, while Microsoft dismissed concerns as requiring administrative access. Taiwan police arrested a university student for hacking the high-speed rail radio system, causing emergency braking on four trains, alongside other global cyber incidents including a 2.45 billion-request DDoS attack and a Karakurt ransomware negotiator’s sentencing.
Security researcher Tom Jøran Sønstebyseter Rønning revealed Microsoft Edge automatically loads all saved passwords into memory in plaintext when the browser starts, unlike Chromium-based browsers such as Google Chrome and Brave, which decrypt credentials only during active use. This behavior makes credential theft easier on compromised systems, as other processes can read the memory without restriction, particularly in shared enterprise environments like Citrix servers or virtual desktops. Microsoft downplayed the risk, stating it requires an attacker to already have administrative access, but experts argue the practice turns passwords into a liability. Rønning published a tool called EdgeSavedPasswordsDumper on GitHub to verify if Edge passwords are stored in plaintext. The issue highlights broader concerns about password security, as retaining credentials in memory undermines their role as transient secrets. Enterprise users face heightened risks, as attackers with administrative access can extract sensitive data from all user sessions on shared systems. Meanwhile, Taiwan police arrested a university student for hacking the radio communications system of the island’s high-speed rail network, triggering emergency braking on four trains. Authorities confirmed the incident disrupted operations but did not disclose further details. The arrest follows a series of cybersecurity incidents globally, including a massive 2.45 billion-request distributed denial-of-service (DDoS) attack that bypassed per-IP rate limits. Other notable developments include the sentencing of a Karakurt ransomware negotiator, the discovery of China-linked UAT-8302 malware targeting governments with multiple backdoors, and the imprisonment of two Americans for aiding North Korean IT workers in infiltrating U.S. firms. Additionally, researchers identified another vulnerability in Ivanti Endpoint Manager Mobile, while the creator of Curl warned that artificial intelligence will not eliminate software bugs. French police also arrested a teenager in connection with a government data breach.
This content was automatically generated and/or translated by AI. It may contain inaccuracies. Please refer to the original sources for verification.