900K Users Hit as Malicious Chrome Extensions Steal ChatGPT, ...

In Chrome and Edge, 18 harmful browser extensions were identified as redirecting users to malicious sites and hijacking data. The extensions accumulated hundreds of reviews and more than 2.3 million users before receiving malicious updates, according to K

A massive and ongoing campaign involving over 100 malicious Chrome extensions has been uncovered, with threat actors deploying browser add-ons disguised as free AI tools, VPN services, crypto utilities, and SEO optimizers to infiltrate user systems.

Taking five of the organization's most popular browser extensions, many of which were uploaded as early as 2018 and garnered Featured and Verified status, the group uploaded malicious software updates that infected over 300,000 Chrome and Edge users w

DarkSpectre malware infected 8.8 million users through browser extensions on Chrome, Edge and Firefox over seven years. Koi Security researchers uncovered the operation.

Researchers have discovered a campaign of malicious browser extensions that were available in the official Chrome and Edge web stores.

OX Security reveals how malicious Chrome extensions exposed AI chats from ChatGPT and DeepSeek, silently siphoning sensitive data from 900,000 users.

According to researchers at Koi Security, the malicious extensions were part of a coordinated operation involving at least 18 known add-ons listed on the Chrome and Edge extension stores.