Malicious GhostPoster browser extensions found with 840,000 installs

Another set of 17 malicious extensions linked to the GhostPoster campaign has been discovered in Chrome, Firefox, and Edge ...

ConsentFix debrief: Insights from the new OAuth phishing attack

ConsentFix is an OAuth phishing technique abusing browser-based authorization flows to hijack Microsoft accounts. Push ...

5 Free Browser Extensions You Should Always Install First

UBlock Origin, Just Read, and Toby are among the essential free extensions every user should add to their browser for a ...
BGR

Cyberhackers Just Turned 150 Browser Extensions Into Viruses - Here's How

While some consumers spend hours researching must-add Google Chrome extensions, most don't consider which ones they need to delete. Following a seven-year cyberhacking campaign that infected roughly 4 ...
The Hacker News

DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide

The threat actor behind two malicious browser extension campaigns, ShadyPanda and GhostPoster, has been attributed to a third attack campaign codenamed DarkSpectre that has impacted 2.2 million users ...
The Hacker News

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites

Cybersecurity researchers have discovered two malicious Google Chrome extensions with the same name and published by the same developer that come with capabilities to intercept traffic and capture ...