CyberSecurityBoardThreat Intel · CVEs · Products
Cyber Companies

Stripe OLT Analyzes ModHeader Extension’s Hidden Collector

July 13, 2026

UK security firm Stripe OLT analyzed the ModHeader extension and confirmed that a dormant browsing-history collector was embedded in the official, store-signed version. The collector was designed to encrypt and exfiltrate browsing data but was gated by an empty allow-list.