1. Introduction
2. Agenda
3. Extensions
4. Extension Architecture
5. Threat Model
6. Existing Methods
7. Jetpack
8. Attack Model
9. Impact
10. Simple Attack
11. Challenges
12. Crossfire
13. Demo
14. AST Representation
15. Global Functions
16. analyzer
17. functions
18. extension folder
19. secretpets
20. example
21. evaluation
22. working exploits
23. positive exploits
24. performance
25. limitations
26. Secure Functional Data Sharing
27. Static Analysis
28. Conclusions
Description:
Explore the world of Firefox extension security in this 57-minute Black Hat conference talk. Delve into the novel extension-reuse vulnerability that allows adversaries to launch stealthy attacks against users. Learn about CROSSFIRE, a lightweight static analyzer for Firefox legacy extensions that automatically discovers vulnerabilities and generates exploit templates. Discover how popular extensions, downloaded by millions of users, contain exploitable extension-reuse vulnerabilities. Examine the impact of these vulnerabilities, challenges in detection, and potential solutions through a comprehensive analysis of extension architecture, threat models, and existing security methods. Gain insights into the effectiveness of malicious extensions in evading detection by extension vetters. Understand the implications for browser security and the importance of addressing these vulnerabilities to protect users' sensitive information and system resources.

Automated Detection of Firefox Extension-Reuse Vulnerabilities

Black Hat