Widespread cyberattack targets Google Chrome extensions, compromises 2.6 million devices
The attack, which began on Christmas Eve, exploited a vulnerability in the Chrome Web Store's developer authentication system ...
5 browser extension rules to keep your system safe in 2025
If you use browser extensions, you should be careful about which ones you install and use. Here's how you can do that.
Time to check if you ran any of these 33 malicious Chrome extensions
The malicious extension, available as version 24.10.4, was available for 31 hours, from December 25 at 1:32 AM UTC to Dec 26 ...
SecurityWeek6d
Cyberhaven Chrome Extension Hack Linked to Widening Supply Chain Campaign
The recent compromise of Cyberhaven’s Chrome extension appears to be part of a broad campaign that started over a year ago.
Cyber firm’s Chrome extension hijacked to steal user passwords
The data-loss startup says it was targeted as part of a "wider campaign to target Chrome extension developers." ...
Google Chrome Attack Alert—Full List Of Hacked Extensions Published
Hackers have targeted Google Chrome users in a frightening 2FA bypass attack—a full list of impacted extensions has now been ...
Data-loss prevention company Cyberhaven hit by breach, statement says
By Raphael Satter and AJ Vicens Hackers compromised an employee of the data-protection company Cyberhaven and used the worker ...
techzine4d
Cyberhaven breach caused by malicious Chrome extension
Dec. 25, 2024, cybersecurity firm Cyberhaven was the target of a large-scale attack. Through their Chrome extension, 400,000 ...
New details reveal how hackers hijacked 35 Google Chrome extensions
New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise ...
Cybersecurity firm's Chrome extension hijacked to steal users' data
At least five Chrome extensions were compromised in a coordinated attack where a threat actor injected code that steals ...
Hackers hijacked legitimate Chrome extensions to try to steal data
Other extensions possibly affected include Internxt VPN, VPNCity, Uvoice, and ParrotTalks, as Bleeping Computer writes.
CSOonline5d
SquareX Researchers Expose OAuth Attack on Chrome Extensions Days Before Major Breach
SquareX, an industry-first Browser Detection and Response (BDR) solution, leads the way in browser security. About a week ago ...