There's been a bunch of recent posts about high-profile browser extension compromises here on HN, so I decided to write a short substack article about it.

TL;DR be cautious of the Chrome ecosystem, vet authors/publishers, and use a gut check for "free" stuff