Show HN: Daily-updated database of malicious browser extensions

Your cute little add‑ons might be snooping. A dev just dropped a daily‑updated database of Chrome/Edge extensions booted from the Chrome Web Store for malware and shady behavior—perfect timing after headlines about ChatGPT chat spies, stolen API keys, and a $6,000 “guaranteed” malware kit. For non‑tech readers: extensions are tiny tools for your browser; sometimes they go rogue. This list auto‑pulls removals from monitoring services, security blogs, and threat feeds, and exposes bad actors by ID, name, and date. Data ships in simple files (.csv, .md), with a no‑frills Mac checker coming soon. Applause? Yes. Panic? Also yes.

The sharpest comment came from KevinChasse, warning that “the verification process itself can become a target,” and pushing for stateless, on‑device checks that can’t be hijacked. Then the feature requests piled up: “Could Firefox extensions be included?” asked politelemon. “Brave support by any chance?” added julius, noting Linux found Chrome but not their main browser. The mood: we love it—now make it universal and bulletproof. Hype crew (“hope this gets the attention it deserves!”) mixed with gallows humor: extensions are the new exes—delete half and feel safer; check your Extensions tab like your bank statement. Translation: audit your add‑ons before they audit you.