Disclosed by SquareX, polymorphic extensions can mimic any other browser extension, perfectly replicating their icons and popup interfaces. Victims, believing they are interacting with the real extension, are tricked into entering their password manager or crypto wallet credentials. With additional permissions, these malicious extensions can even disable the legitimate one entirely.

Join our technical webinar for exclusive live demos on how polymorphic extensions work and the relevant mitigation strategies. There will also be a live Q&A session to clarify any doubts.

Webinar starts in:

Overview of the browser security landscape

• Introducing Browser Detection and Response (BDR)
• The importance of threat research

Introduction to browser extensions

• Evolution of browsers & browser extensions
• Extensions architecture & data exposure

Deep dive into Polymorphic Extensions

• Step-by-step demonstration
• Mitigation using Browser Detection and Response
• The research process behind Polymorphic Extensions
• Working with browser vendors

Q&A 

Field CISO, SquareX

John Carse is Field CISO at SquareX, bringing over two decades of cybersecurity expertise to the role. His journey in cybersecurity began in 2003 while working with the US Navy, leading to extensive experience across Japan, Bahrain, Hawaii and Singapore. Prior to joining SquareX, John held executive security roles at major organizations including Dyson, Rakuten, Expedia Group, and JPMorgan.

At SquareX, John combines his deep technical knowledge and business experience to help enterprises understand and defend against browser-based attacks. A seasoned technologist with multiple cloud security patents, he holds an MBA in Entrepreneurship from IE Business School and a Bachelor's in Computer and Information Science from the University of Maryland Global Campus.

Copyright © 2025. All rights reserved.