Cleartext Passwords in MS Edge? In 2026?, (Mon, May 4th)

The author demonstrates that Microsoft Edge keeps saved usernames and passwords in cleartext within the browser process memory; by creating a memory dump of the Edge "browser" subprocess and running strings (filtered for patterns like "comhttps"), stored credentials can be trivially recovered. The post includes reproduction steps, screenshots, and notes that Microsoft classifies the behavior as "intended," warning that any malware running as the logged-in user could harvest these credentials.