Browser extensions turned malicious after years of legitimate operation in DarkSpectre campaign affecting millions. The ...

ShadyPanda, a Chinese hacker group operated several legitimate browser extensions for years before weaponizing them to ...

Malicious Chrome and Edge extensions collected browsing history, keystrokes and personal data from millions of users before Google and Microsoft removed them.

A China-linked threat actor used malicious browser extensions over seven years to steal data and corporate intelligence from ...

A newly uncovered Chinese threat group known as DarkSpectre has been linked to one of the most widespread browser extension ...

A “Featured” browser add-on marketed as privacy protection may have been copying AI chats. Koi Security says Urban VPN Proxy ...

Security researchers found two Chrome extensions with 900,000 installs secretly collecting ChatGPT and DeepSeek chats and ...

This is a cautionary tale for all of you who install extensions to Chrome or add-ons to Edge browsers willy-nilly. Security firm Koi has revealed that browser extensions with more than 8 million ...

DarkSpectre refers to three malware campaigns tied to malicious browser extensions, including 'sleeper' extensions that seem legit, but are not.

A newly discovered campaign, which researchers call Zoom Stealer, is affecting 2.2 million Chrome, Firefox, and Microsoft ...

Security researchers recently discovered two extensions for the Google Chrome browser were rerouting valuable traffic through compromised proxies, and thus sharing sensitive information with malicious ...