This critical Chrome browser vulnerability lets malicious extensions spy on your PC ...

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek. With nearly 900,000 installs and activity across more than 20,000 enterprise ...

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.

Your web browser may feel like a safe place, especially when you install helpful tools that promise to make your life easier. But security researchers have uncovered ...

Push Security, a leader in browser-based threat detection and response, today announced new malicious browser extension detection and blocking capabilities within its browser-based security platform.

Chrome extensions are incredibly useful, whether you want to block ads, track the best deals or enhance your browsing experience. They can be downloaded from the Chrome Web Store, which functions like ...

The recent attack campaign targeting browser extensions shows that malicious browser extensions are the next frontier for identity attacks. More than 2.6 million users across thousands of ...

Malicious browser extensions are a widespread problem. Even vetted extensions can be dangerous. Here's what you should do to avoid issues. Koi Security investigated a single malicious extension used ...

An unknown threat actor is deploying a large-scale, sophisticated cryptojacking campaign through a series of malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor, ...

Malicious Visual Studio Code extensions were discovered on the VSCode marketplace that download heavily obfuscated PowerShell payloads to target developers and cryptocurrency projects in supply chain ...