What do you think about the online rumors that the "Infinity New Tab Page (Pro)" and "We Tab New Tab Page" extensions have been poisoned by hackers?
The allegation that the "Infinity New Tab Page (Pro)" and "We Tab New Tab Page" browser extensions have been compromised describes a credible and severe threat vector, given the established history of supply-chain attacks against widely used browser add-ons. Such extensions, which operate with high-level permissions to modify the new tab page and often have access to browsing data, are prime targets for malicious actors. A successful poisoning would typically involve the extension's code being updated—either through a hijacked developer account or a compromised update server—to inject malicious scripts. These scripts could then engage in activities ranging from ad injection and data theft to credential harvesting and redirecting users to phishing sites. The specific risk is amplified by the trust users place in these functional, utility-based extensions and the automatic update mechanisms of browser stores, which can silently propagate the poisoned code to a large installed base.
While the precise technical details and current status of these specific extensions require verification from official browser store audits or security researchers, the general mechanism of such an attack is well-understood. The primary defense lies in the review processes of platforms like the Chrome Web Store or Microsoft Edge Add-ons store, but these are not infallible. In past incidents, malicious extensions have remained available for days or weeks before detection. Therefore, the immediate practical implication of such rumors is that users and enterprise administrators should treat them as actionable warnings. This entails checking the extension's recent update history, reviewing its current permissions, and looking for anomalous browser behavior such as unexpected ads, redirects, or performance issues. For the named extensions, a prudent step would be to temporarily disable them pending official confirmation from the developer or the hosting platform, and to scrutinize any recent user reviews or discussions reporting suspicious activity.
The broader implications extend beyond individual user security to underscore systemic vulnerabilities in the browser extension ecosystem. An attack on popular new tab page extensions, which often serve as a user's primary browser interface, can undermine trust in the entire add-on infrastructure. It highlights the critical dependency on the security practices of individual developers and the efficacy of storefront policing. For organizations, such incidents reinforce the necessity of strict extension allow-listing policies. Ultimately, the response to these rumors should be measured but proactive: the potential damage from a compromised extension with deep browser integration is significant enough to warrant a cautious, evidence-gathering approach while awaiting definitive statements from authoritative sources like the extension developers or browser vendors. The absence of such confirmation at the time of the rumor's circulation is, in itself, a material risk factor that users must account for in their immediate security posture.
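The update-history and permission review described above can be scripted. The following is an added example, not code from the original answer or from either extension: it compares two versions of an extension's manifest.json and flags access that an update newly requests. Both manifests are constructed samples, and the sets of hosts and APIs treated as sensitive are assumptions to adapt to local policy.

```python
import json

# Assumed policy lists: host patterns and API permissions that give an
# extension broad reach over browsing data. Adjust to local policy.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
SENSITIVE_APIS = {"cookies", "webRequest", "scripting", "tabs", "history",
                  "declarativeNetRequest", "management", "proxy"}


def requested_access(manifest: dict) -> set:
    """Collect every API permission and host pattern a manifest asks for."""
    access = set()
    # Manifest V2 mixes host patterns into "permissions"; V3 splits them out.
    for key in ("permissions", "host_permissions", "optional_permissions"):
        access.update(p for p in manifest.get(key, []) if isinstance(p, str))
    # Content scripts run on matching pages without a separate host grant.
    for script in manifest.get("content_scripts", []):
        access.update(script.get("matches", []))
    return access


def review_update(old: dict, new: dict) -> dict:
    """Compare two versions of a manifest and flag newly requested access."""
    added = requested_access(new) - requested_access(old)
    return {
        "old_version": old.get("version"),
        "new_version": new.get("version"),
        "added": sorted(added),
        "flagged": sorted(a for a in added
                          if a in BROAD_HOSTS or a in SENSITIVE_APIS),
    }


# Constructed sample manifests (not taken from either named extension).
OLD_MANIFEST = json.loads("""{
  "manifest_version": 3, "name": "Example New Tab", "version": "1.0.0",
  "chrome_url_overrides": {"newtab": "index.html"},
  "permissions": ["storage"]
}""")
NEW_MANIFEST = json.loads("""{
  "manifest_version": 3, "name": "Example New Tab", "version": "1.0.1",
  "chrome_url_overrides": {"newtab": "index.html"},
  "permissions": ["storage", "cookies", "alarms"],
  "host_permissions": ["<all_urls>"],
  "content_scripts": [{"matches": ["https://*/*"], "js": ["inject.js"]}]
}""")

if __name__ == "__main__":
    print(json.dumps(review_update(OLD_MANIFEST, NEW_MANIFEST), indent=2))
```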