Hacking campaign compromised at least 16 Chrome browser extensions

Threat actors compromised at least 16 Chrome browser extensions leading to the exposure of data from over 600,000 users. A supply chain attack compromised 16 Chrome browser extensions, exposing over 600,000 users. Threat actors targeted the publishers of the extensions on the Chrome Web Store via phishing messages, then once obtained access to their account […]

GlassWorm Campaign Uses 72 Malicious Open VSX Extensions to Broaden Reach

itsecuritynews.info - 14/Mar 08:31

In a major escalation of supply chain attacks, the GlassWorm malware campaign has evolved to infect developer environments using transitive...

Phishing campaign exploits OAuth redirection to bypass defenses

securityaffairs.co - 03/Mar 11:50

Microsoft researchers warn that threat actors abuse OAuth redirects to target government users and deliver malware. Microsoft has warned of phishing...

Chrome security flaw enabled spying via Gemini Live assistant

securityaffairs.co - 03/Mar 08:48

A Google Chrome vulnerability lets malicious extensions hijack Gemini Live to spy on users and steal sensitive files. Researchers at Palo Alto...

The Chrome Extension Backdoor: How ‘Productivity Tools’ Became Enterprise Attack Vectors

itsecuritynews.info - 06/Mar 22:36

Millions installed ‘productivity’ Chrome extensions that became malware after acquisition. Here’s how browser extensions became enterprise...

The Chrome Extension Backdoor: How ‘Productivity Tools’ Became Enterprise Attack Vectors

itsecuritynews.info - 06/Mar 22:36

Millions installed ‘productivity’ Chrome extensions that became malware after acquisition. Here’s how browser extensions became enterprise...

Malicious Browser Add‑on Targets imToken Users’ Private Keys

itsecuritynews.info - 07/Mar 11:07

Socket’s Threat Research Team has uncovered a highly deceptive Google Chrome extension designed to steal private keys and seed phrases from...

Malicious Browser Add‑on Targets imToken Users’ Private Keys

itsecuritynews.info - 07/Mar 11:07

Socket’s Threat Research Team has uncovered a highly deceptive Google Chrome extension designed to steal private keys and seed phrases from...

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

itsecuritynews.info - 14/Mar 14:02

Cybersecurity researchers have flagged a new iteration of the GlassWorm campaign that they say represents a “significant escalation” in how it...

Iran-nexus APT Dust Specter targets Iraq officials with new malware

securityaffairs.co - 06/Mar 09:37

A campaign by Iran-linked group Dust Specter is targeting Iraqi officials with phishing emails delivering new malware families. Zscaler ThreatLabz...

Iran-nexus APT Dust Specter targets Iraq officials with new malware

securityaffairs.co - 06/Mar 09:37

A campaign by Iran-linked group Dust Specter is targeting Iraqi officials with phishing emails delivering new malware families. Zscaler ThreatLabz...

Rubriques :

Hacking campaign compromised at least 16 Chrome browser extensions

Articles similaires

GlassWorm Campaign Uses 72 Malicious Open VSX Extensions to Broaden Reach

Phishing campaign exploits OAuth redirection to bypass defenses

Chrome security flaw enabled spying via Gemini Live assistant

The Chrome Extension Backdoor: How ‘Productivity Tools’ Became Enterprise Attack Vectors

The Chrome Extension Backdoor: How ‘Productivity Tools’ Became Enterprise Attack Vectors

Malicious Browser Add‑on Targets imToken Users’ Private Keys

Malicious Browser Add‑on Targets imToken Users’ Private Keys

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

Iran-nexus APT Dust Specter targets Iraq officials with new malware

Iran-nexus APT Dust Specter targets Iraq officials with new malware

Les derniers communiqués