skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

Cyberhaven Confirms Cyberattack via Compromised Chrome Extension

/ 1 min read

🦠 Cyberhaven suffers supply-chain attack via compromised Chrome extension. Data-loss prevention startup Cyberhaven confirmed a cyberattack that involved hackers publishing a malicious update to its Chrome extension, potentially exposing customer passwords and session tokens. The breach occurred on December 25, when a compromised company account allowed the malicious update to be released. Cyberhaven has since removed the harmful version and issued a legitimate update. The company advises affected users to revoke and rotate all passwords and review logs for suspicious activity. This incident is part of a broader campaign targeting multiple Chrome extension developers, with Cyberhaven cooperating with federal law enforcement and engaging an incident response firm for further investigation.

Source
{entry.data.source.title}
Original