ModHeader removed from Edge store after hidden data-collection module found in build 7.0.18
Microsoft pulled ModHeader from its Edge Add-ons store on July 3, 2026, after Google flagged the popular header-editing extension — which had around 1.6 million combined installs — as malware. Security researchers analyzing build 7.0.18 discovered a concealed module disguised as a date-formatting library, capable of collecting visited domains and encrypting them for upload to an external server. The module appeared dormant in the tested build, and no confirmed evidence of data actually being transmitted was found, but its undisclosed presence raised serious concerns. Header-editing extensions carry elevated risk because they require broad browser permissions and sit in the request path of all browsing activity, including authenticated sessions. Developers relying on such tools are advised to audit extension permissions, inspect background network requests, and scrutinize bundled dependencies for code unrelated to the extension's stated purpose.
This is an AI-generated summary. ShortSingh links to the original source for the complete article.
Discussion (0)
Log in to join the discussion and vote.
Log in