Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages
Opera GX flaw allowed silent mod installation to steal user data from visited pages.
Summary
Researchers discovered a critical vulnerability in Opera GX that allowed malicious websites to silently install browser mods, which could then exfiltrate sensitive data from visited pages, such as a user's full Gmail address. Opera has since patched the flaw in version 130.0.5847.89 and stated there is no evidence of its exploitation in the wild. The vulnerability leveraged the browser's mod installation pipeline, which did not require user approval.
Full text
Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages Swati KhandelwalJul 06, 2026Vulnerability / Web Security Researchers found a flaw in Opera GX, the gaming-focused version of the Opera browser, that let a malicious website silently install a browser add-on and use it to lift specific data from the pages a victim visits. In a proof of concept, they reconstructed a signed-in user's full Gmail address from a single visit, with no click. Opera has patched the flaw and says it found no evidence that it was ever used in the wild. The fix shipped in Opera GX version 130.0.5847.89, so anyone on a current build is already covered; you can confirm yours at opera://about. There is no CVE. Because the attack needed no clicks or approvals, there was no workaround short of the patch. Opera's bug bounty team rated the issue P1, its top severity, and paid the maximum $5,000 award for a critical bug. How the attack works GX Mods let you reskin Opera GX with custom sounds, themes, wallpapers, and CSS that restyles the sites you visit. They ship as .crx files, like browser extensions, but they cannot run JavaScript and hold no permissions. The weakness is in how they install: Opera's mod pipeline downloads and enables a mod automatically, with no approval prompt. So a malicious page can install one silently, for instance by loading a hidden iframe pointed at a .crx file. The only sign is a notification bar below the address bar telling you a mod was added, with a Remove button. This auto-install behavior is not new. The researcher Renwa identified it back in 2023 and, by escalating an installed mod into a full extension, used it to spoof the browser's address bar. Opera patched that specific attack in March 2023 but left the underlying auto-install in place, which is what this new research builds on. A silent look-and-feel mod sounds harmless on its own. But a mod's CSS is applied to every page you visit, not just one. Ordinary CSS injection is confined to the page it lands on; here, the attacker's styling reaches every site the browser opens, a technique the researchers call a universal CSS injection. CSS cannot read a page and send it off on its own. But it can be coaxed into leaking a value one piece at a time. The trick relies on attribute selectors: a rule can test whether an element's attribute value, like an email tucked into a hidden field, begins with a given letter, and fetch a background image from the attacker's server only when it does. Fire enough of these, and you learn the value character by character. Researchers call this an XS-Leak, short for cross-site leak. To pull a Gmail address, the researchers aimed this at a Google account page, myaccount.google.com/contactemail, that carries the address inside three of its HTML attributes. They packed a mod with roughly 150,000 CSS rules, one set for every possible three-letter piece of the address, and let a reconstruction script stitch the matches back together. They first tried four-letter pieces, which needed 5.6 million rules and about 880 MB of CSS. The browser choked, so they scaled down to three-letter chunks that overlap just enough to reassemble. Chaining it together took only a nudge. The victim lands on the attacker's page, the mod installs within seconds, and a few lines of JavaScript then redirect the browser to the Google account page. The mod's CSS is already loaded there, so it fires the requests and leaks the address as the page renders, before the victim can reach the notice's Remove button. The Gmail address was just the proof of concept; the same approach can lift other values a page exposes in its markup, like a username. The same auto-install path has a second, cruder use the researchers documented: loading a .crx while in private (Incognito) mode crashes the browser and dumps every open tab. This one hits regular Opera too, not just Opera GX, since any .crx trips the extension-install pipeline, whatever it contains. Opera's advisory addresses the data-theft fix and does not mention the crash. Severity and the bigger picture The report almost did not get its due. Opera runs its bounty program on Bugcrowd, and the triage analysts struggled to grasp what the bug did, first rating it a middling P3. The researchers made their case in an unusually direct way: while an analyst was reproducing the attack, they caught the analyst's own trigrams, rebuilt the analyst's Gmail address, and pasted it into the report. Opera's team then raised the severity to P1 and paid the $5,000 critical-tier maximum. Opera's own account is more measured. In its advisory, the company says it is "quite confident" the flaw was never exploited in the wild, and frames the attack as complicated to pull off: the victim had to land on a malicious site, end up with a fresh mod, and ignore the removal notice long enough for the redirect to fire. The researchers' demo is the counterweight. Their redirect runs in the seconds before a user can even read the notice, let alone click Remove. It was a narrow, fiddly attack that Opera found no trace of in the wild, and it still worked with zero clicks once it was set up. The risk here was never the cosmetic feature by itself. It was reach. Once a mod's CSS could follow you from one site to the next, "just styling" turned out to be plenty. That is the twist on a familiar idea: CSS-only theft usually stays trapped on the page where it is injected, as in PortSwigger's Blind CSS Exfiltration research, but here it rode along on every site the victim opened. It is also not the first Opera feature turned against its users; The Hacker News covered the 2024 MyFlaw bug in Opera's My Flow, and Opera had been warned about this very auto-install behavior since 2023. Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE Tweet Share Share Share SHARE browser security, bug bounty, data theft, Extension Security, Privacy, Software Security, Vulnerability, Web Security, Zero-Click Attack ⚡ Top Stories This Week ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability New DirtyClone Linux Kernel Flaw Lets Local Users Gain Root via Cloned Packets Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs New Linux pedit COW Exploit Enables Root Access by Poisoning Cached Binaries OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards FBI Warns Russian Intelligence Hackers Target Signal Backup Recovery Keys Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts ⚡ Weekly Recap: Linux Kernel Flaws, AI Malware Tricks, Turla Backdoor, Infostealers and More Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks WhatsApp is Finally Getting Usernames to Help Keep Phone Numbers Private Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild New BioShocking Attack Tricks AI Browsers Into Leaking User Credentials AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks 282 iOS AI Apps Leak API Keys and Open AI Proxy Access in Network Traffic Study GuardFall Exposes Open-Source AI Coding Agents to Decades-Old Shell Injection Risks Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS ⭐ Featured Resources What 200+ Security Teams Reveal About Using IP Intelligence in 2026 Get Hands-On SANS Training for Today’s Cyber Defense and Offensive Security Challenges See What’s Really Exposed Across Your IT, OT, IoT, Cloud, and Mobile Assets Get Gartner’s Guide to AI Agent Supervision and Runtime Controls