skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

16 Chrome Extensions Compromised, Affecting 600,000 Users

/ 1 min read

🕵️‍♂️ Massive phishing campaign compromises 16 Chrome extensions, exposing 600,000 users. A recent attack has targeted publishers of Chrome browser extensions, leading to the compromise of at least 16 extensions and the exposure of over 600,000 users to data theft. The campaign began with a phishing attack on cybersecurity firm Cyberhaven, allowing attackers to inject malicious code into its extension. This code was designed to steal cookies and access tokens, particularly from Facebook accounts. Security experts warn that the attack highlights vulnerabilities in browser extensions, which often have extensive permissions to sensitive user data. While some compromised extensions have been removed, the risk remains for users who have not updated or removed the malicious versions from their devices. Investigations are ongoing to identify the full scope of the attack and its perpetrators.

Source
{entry.data.source.title}
Original