Chrome, more extensions

These 35 Chrome extensions began stealing people's data after the developers got phished
Chrome extensions are never completely safe, even if the developer would never dream of infecting their user base with malware. Unfortunately, it's these kinds of loyal developers
Hackers hijacked legitimate Chrome extensions to try to steal data
Other extensions possibly affected include Internxt VPN, VPNCity, Uvoice, and ParrotTalks, as Bleeping Computer writes. Cyberhaven says hackers pushed an update (version 24.10.4) of its Cyberhaven data loss prevention extension containing the malicious code on Christmas Eve at 8:32PM ET.
Cyber firm’s Chrome extension hijacked to steal user passwords
The data-loss startup says it was targeted as part of a "wider campaign to target Chrome extension developers."
New details reveal how hackers hijacked 35 Google Chrome extensions
New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise of at least thirty-five extensions to inject data-stealing code, including those from cybersecurity firm Cyberhaven.
Hackers Exploit Chrome Extensions, Exposing Millions to 2FA Bypass Attacks
Chrome extension vulnerabilities leave millions at risk of 2FA bypass attacks, with hackers targeting multiple companies.
Hackers are hijacking Chrome extensions in an attempt to steal your data
Multiple Chrome browser extensions have been hijacked by hackers in recent months to steal data from their users.
Dozens of Chrome Extensions Hacked, Exposing Millions of Users to Data Theft
A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft.
Several Chrome Extensions Compromised in Supply Chain Attack
Cyberhaven and other Chrome extensions were compromised in a supply chain attack targeting Facebook advertising users.
Google Chrome extensions targeted by hackers to steal user passwords
Cyberhaven has confirmed its Google Chrome extension was the subject of a Christmas Eve cyberattack, exposing sensitive customer data like passwords and session tokens. In a statement, the data loss prevention company noted the attack showed signs of being part of a “wider campaign” to target other companies,
Google Chrome Extensions Under Attack: Hackers Are Spreading Code To Steal Sensitive Information, Here's All We Know
A cyberattack campaign of advanced complexity has been identified, targeting 16 Chrome extensions with the intention of stealing sensitive information from Facebook ad users. Cybersecurity firm Cyberhaven has conducted an initial investigation,
Hackers Launch Supply Chain Attack Against Chrome Extensions
Multiple Chrome browser extensions have been hacked, allowing attackers to steal the data they handle, security experts have warned. Subverted extensions include a
Google Chrome 2FA Bypass Attacks Confirmed—Millions Of Users At Risk
An attack aimed at bypassing two-factor authentication cookies for Google Chrome users has been confirmed—here’s what you ...
SecurityWeek23h
Cyberhaven Chrome Extension Hack Linked to Widening Supply Chain Campaign
The recent compromise of Cyberhaven’s Chrome extension appears to be part of a broad campaign that started over a year ago.
Hosted on MSN1d
Hackers May Have Compromised Multiple Popular Google Chrome Extensions
A hacker phished a Cyberhaven employee to upload a malicious version of the company's Chrome extension, but it may not be the ...
SquareX Researchers Expose OAuth Attack on Chrome Extensions Days Before Major Breach
SquareX, an industry-first Browser Detection and Response (BDR) solution, leads the way in browser security. About a week ago ...
brandequity.economictimes.indiatimes4d
Data-loss prevention company Cyberhaven hit by breach, statement says
Data-loss prevention company Cyberhaven hit by breach, statement says. Hackers compromised an employee of the data-protection ...