Breaking Endpoint Anti-Ransomware: Going Browser Native
Nishant Sharma, Vivek Ramachandran
BSidesSF 2026 · Day 2 · AMC Theatre 07
In an era where digital identities and critical data increasingly reside within the browser and cloud services, traditional endpoint security measures are facing a formidable new challenge. This talk, "Breaking Endpoint Anti-Ransomware: Going Browser Native," presented by Nishant Sharma, Director of Threat Research at Zscaler (formerly of Square X), illuminates a paradigm shift in ransomware attacks. Sharma meticulously details how malicious actors are circumventing conventional endpoint detection and response (EDR) systems by executing ransomware operations entirely within the browser environment, without ever touching the underlying operating system.
AI review
Competent threat research walk-through on browser-native ransomware via OAuth abuse and malicious extensions, with live demos that land the core point cleanly. The attack concepts are real and worth communicating, but none of this is novel to anyone who's been paying attention to browser security research over the past few years — and the Zscaler acquisition of SquareX hangs over the defensive section like a billboard.