The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.
Engadget

Hackers injected malicious code into several Chrome extensions in recent attack

Hackers were reportedly able to modify several Chrome extensions with malicious code this month after gaining access to admin accounts through a phishing campaign. The cybersecurity company Cyberhaven ...
Geeky Gadgets

Build a Chrome Extension in Minutes with AI (No Code)

Creating a Chrome extension no longer requires extensive coding knowledge or years of technical experience. With the help of Cursor AI, an AI-powered code editor, you can now design, test, and publish ...
The Hacker News

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and ...
Fox News

Malicious browser extensions hit 4.3M users

A long-running malware campaign quietly evolved over several years and turned trusted Chrome and Edge extensions into spyware. A detailed report from Koi Security reveals that the ShadyPanda operation ...
Bleeping Computer

Malicious Chrome extensions with 75M installs removed from Web Store

Google has removed from the Chrome Web Store 32 malicious extensions that could alter search results and push spam or unwanted ads. Collectively, they come with a download count of 75 million. The ...

Google Lens Chrome Browser Tool Compromised To Steal Credentials

Chrome users have been warned that an tool claiming to search the screen with Google Lens was, in fact, a credential stealer.