These 35 Chrome extensions began stealing people's data after the developers got phished
Chrome extensions are never completely safe, even if the developer would never dream of infecting their user base with malware. Unfortunately, it's these kinds of loyal developers
Dozens of Chrome Extensions Hacked, Exposing Millions of Users to Data Theft
A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft.
Hackers are hijacking Chrome extensions in an attempt to steal your data
Multiple Chrome browser extensions have been hijacked by hackers in recent months to steal data from their users.
New details reveal how hackers hijacked 35 Google Chrome extensions
New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise of at least thirty-five extensions to inject data-stealing code, including those from cybersecurity firm Cyberhaven.
Cyber firm’s Chrome extension hijacked to steal user passwords
The data-loss startup says it was targeted as part of a "wider campaign to target Chrome extension developers."
Hackers hijacked legitimate Chrome extensions to try to steal data
Other extensions possibly affected include Internxt VPN, VPNCity, Uvoice, and ParrotTalks, as Bleeping Computer writes. Cyberhaven says hackers pushed an update (version 24.10.4) of its Cyberhaven data loss prevention extension containing the malicious code on Christmas Eve at 8:32PM ET.
Google Chrome extensions targeted by hackers to steal user passwords
Cyberhaven has confirmed its Google Chrome extension was the subject of a Christmas Eve cyberattack, exposing sensitive customer data like passwords and session tokens. In a statement, the data loss prevention company noted the attack showed signs of being part of a “wider campaign” to target other companies,
Google Chrome Extensions Under Attack: Hackers Are Spreading Code To Steal Sensitive Information, Here's All We Know
A cyberattack campaign of advanced complexity has been identified, targeting 16 Chrome extensions with the intention of stealing sensitive information from Facebook ad users. Cybersecurity firm Cyberhaven has conducted an initial investigation,
Hackers Launch Supply Chain Attack Against Chrome Extensions
Multiple Chrome browser extensions have been hacked, allowing attackers to steal the data they handle, security experts have warned. Subverted extensions include a
Hackers Use Chrome Extensions to Steal User Data
Hackers injected malicious code into multiple Chrome extensions this month, exploiting a phishing campaign to breach developer accounts. Cyberhaven, a cybersecurity company whose extension was compromised,
SecurityWeek20h
Cyberhaven Chrome Extension Hack Linked to Widening Supply Chain Campaign
The recent compromise of Cyberhaven’s Chrome extension appears to be part of a broad campaign that started over a year ago.
Data-loss prevention company Cyberhaven hit by breach, statement says
By Raphael Satter and AJ Vicens Hackers compromised an employee of the data-protection company Cyberhaven and used the worker ...
Google Chrome 2FA Bypass Attacks Confirmed—Millions Of Users At Risk
An attack aimed at bypassing two-factor authentication cookies for Google Chrome users has been confirmed—here’s what you ...
Bill McEwen12h
Hackers Exploit Chrome Extensions, Exposing Millions to 2FA Bypass Attacks
Chrome extension vulnerabilities leave millions at risk of 2FA bypass attacks, with hackers targeting multiple companies.
SquareX Researchers Expose OAuth Attack on Chrome Extensions Days Before Major Breach
Palo Alto, Calif., USA, December 30th, 2024, CyberNewsWireSquareX, an industry-first Browser Detection and Response (BDR) ...
SecurityWeek1d
Several Chrome Extensions Compromised in Supply Chain Attack
Cyberhaven and other Chrome extensions were compromised in a supply chain attack targeting Facebook advertising users.