CyberGuy

Malicious Google Chrome extensions hijack accounts

New fake Chrome extensions pose as HR tools to hijack accounts, steal logins and block security controls. Here is how to stay ...
TechCrunch

Cyber firm’s Chrome extension hijacked to steal user passwords

Data-loss prevention startup Cyberhaven says hackers published a malicious update to its Chrome extension that was capable of stealing customer passwords and session tokens, according to an email sent ...
Forbes

Google Chrome 2FA Bypass Attacks Confirmed—Millions Of Users At Risk

This Google Chrome browser extension attack compromised authentication cookies. Update, Dec. 31, 2024: This story, originally published Dec. 29 now includes an explanation of how 2FA bypass session ...
Bleeping Computer

Cookie-Bite attack PoC uses Chrome extension to steal session tokens

Varonis' malicious Chrome extension contains logic to monitor the victim's login events, listening for tab updates that match Microsoft login URLs. When a login occurs, it reads all cookies scoped to ...
Forbes

Google’s Surprise Chrome Security Decision—A New Web Store

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. The recent Chrome browser 2FA bypass attacks involved dozens ...
Computerworld

What Windows users need to know about Chrome’s browser extension shakeup

If you’re a Windows user who relies on Google Chrome, get ready: your favorite browser is about to cull your extensions. The Chrome browser is now displaying a message saying some extensions “may soon ...