recent press release from web security provider Finjan Inc. has exposed a security flaw with Google's anti-phishing browser extension for the Firefox web browser. Apparently, the extension accidentally gathered some users' e-mail addresses and passwords. Finjan informed Google of the problem earlier this month before making their findings public, and Google has since released an updated version of their plugin that fixed the problem.
How did an anti-phishing plugin wind up exposing user names and passwords to the general public? Read on at ArsTechnica