Tag: chrome
-
Trust Wallet confirms second Shai-Hulud supply-chain attack, $8.5M in crypto stolen
Trust Wallet says a second Shai-Hulud supply-chain attack likely compromised its Chrome extension, leading to the theft of about $8.5M in crypto. Trust Wallet linked a second Shai-Hulud supply-chain attack to its Chrome extension hack, which resulted in the theft of about $8.5 million in crypto assets. The investigation reveals that the attacker independently developed…
-
DarkSpectre Malware Campaign Hits Chrome, Edge, and Firefox Users
A sophisticated Chinese threat actor dubbed DarkSpectre has compromised 8.8 million users across Chrome, Edge, and Firefox through three distinct malware campaigns that have operated undetected for over seven years, researchers revealed today. The operation represents one of the most extensive and professionally organized browser extension threats ever documented, combining long-term infrastructure investment with nation-state-level…
-
Trust Wallet Chrome Extension Hack Drains $8.5M via Shai-Hulud Supply Chain Attack
Trust Wallet on Tuesday revealed that the second iteration of the Shai-Hulud (aka Sha1-Hulud) supply chain outbreak in November 2025 was likely responsible for the hack of its Google Chrome extension, ultimately resulting in the theft of approximately $8.5 million in assets.”Our Developer GitHub secrets were exposed in the attack, which gave the attacker access…
-
DarkSpectre Browser Extension Campaigns Exposed After Impacting 8.8 Million Users Worldwide
The threat actor behind two malicious browser extension campaigns, ShadyPanda and GhostPoster, has been attributed to a third attack campaign codenamed DarkSpectre that has impacted 2.2 million users of Google Chrome, Microsoft Edge, and Mozilla Firefox.The activity is assessed to be the work of a Chinese threat actor that Koi Security is tracking under the…
-
Widely Used Malicious Extensions Steal ChatGPT, DeepSeek Conversations
Threat actors used two malicious Chrome extensions that have 900,000 users to steal their chats with AI models like ChatGPT and DeepSeek and browser history. The incident is the latest in a growing string of attacks in which hackers weaponized browser extensions to exfiltrate huge amounts of sensitive data. First seen on securityboulevard.com Jump to…
-
Widely Used Malicious Extensions Steal ChatGPT, DeepSeek Conversations
Threat actors used two malicious Chrome extensions that have 900,000 users to steal their chats with AI models like ChatGPT and DeepSeek and browser history. The incident is the latest in a growing string of attacks in which hackers weaponized browser extensions to exfiltrate huge amounts of sensitive data. First seen on securityboulevard.com Jump to…
-
Zoom Stealer browser extensions harvest corporate meeting intelligence
A newly discovered campaign, which researchers call Zoom Stealer, is affecting 2.2 million Chrome, Firefox, and Microsoft Edge users through 18 extensions that collect online meeting-related data like URLs, IDs, topics, descriptions, and embedded passwords. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/zoom-stealer-browser-extensions-harvest-corporate-meeting-intelligence/
-
Hackers Compromise Trust Wallet Chrome Extension, Users Claim Millions Stolen
Trust Wallet users suffered devastating losses exceeding $7 million after cybercriminals compromised the Chrome browser extension version 2.68.0, released on December 24, 2025. The breach, which targeted desktop users exclusively, left hundreds of wallets completely drained within hours of the malicious update’s deployment. Blockchain investigator ZachXBT initially flagged the incident on the social media platform…
-
Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites
Cybersecurity researchers have discovered two malicious Google Chrome extensions with the same name and published by the same developer that come with capabilities to intercept traffic and capture user credentials.The extensions are advertised as a “multi-location network speed test plug-in” for developers and foreign trade personnel. Both the browser add-ons are available for download as…
-
Malicious extensions in Chrome Web store steal user credentials
Two Chrome extensions in the Web Store named ‘Phantom Shuttle’ are posing as plugins for a proxy service to hijack user traffic and steal sensitive data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/malicious-extensions-in-chrome-web-store-steal-user-credentials/
-
Fake VPN Chrome Extensions Steal Credentials by Intercepting User Traffic
Socket’s Threat Research Team has exposed a sophisticated credential-harvesting campaign that has operated through malicious Chrome extensions since 2017. Two variants of an extension named Phantom Shuttle (幻影穿æ¢), published under the threat actor email theknewone.com@gmail.com, have compromised over 2,180 users by masquerading as legitimate network testing tools while executing complete traffic interception and credential theft. The extensions market…
-
Urban VPN Proxy Spies on AI Chatbot Conversations
Browser Tools Capture Chatbot Data, Sell to Data Broker: Koi Security. A browser extension promising a free clientless VPN for Chrome users has been harvesting conversations from artificial intelligence chatbot platforms and selling the data to third-party brokers. The data collection operates independently of the VPN functionality itself. First seen on govinfosecurity.com Jump to article:…
-
Exploit-Welle zwingt Unternehmen zum schnellen Update – Google stopft eine aktiv ausgenutzte Chrome-Schwachstelle
First seen on security-insider.de Jump to article: www.security-insider.de/chrome-browser-aktives-angle-exploit-a-7d30d8d636bd2586e106f46e75f03cf6/
-
Exploit-Welle zwingt Unternehmen zum schnellen Update – Google stopft eine aktiv ausgenutzte Chrome-Schwachstelle
First seen on security-insider.de Jump to article: www.security-insider.de/chrome-browser-aktives-angle-exploit-a-7d30d8d636bd2586e106f46e75f03cf6/
-
Exploit-Welle zwingt Unternehmen zum schnellen Update – Google stopft eine aktiv ausgenutzte Chrome-Schwachstelle
First seen on security-insider.de Jump to article: www.security-insider.de/chrome-browser-aktives-angle-exploit-a-7d30d8d636bd2586e106f46e75f03cf6/
-
Von 6 Millionen Nutzern installiert: Diese Chrome-Erweiterung sammelt laut Experten heimlich deine ChatGPT-Daten
First seen on t3n.de Jump to article: t3n.de/news/6-millionen-nutzer-installiert-chrome-erweiterung-sammelt-heimlich-chatgpt-daten-1721943/
-
Von 6 Millionen Nutzern installiert: Diese Chrome-Erweiterung sammelt laut Experten heimlich deine ChatGPT-Daten
First seen on t3n.de Jump to article: t3n.de/news/6-millionen-nutzer-installiert-chrome-erweiterung-sammelt-heimlich-chatgpt-daten-1721943/
-
When Zero-Days Go Active: What Ongoing Windows, Chrome, and Apple Exploits Reveal About Modern Intrusion Risk
A series of actively exploited zero-day vulnerabilities affecting Windows, Google Chrome, and Apple platforms was disclosed in mid-December, according to The Hacker News, reinforcing a persistent reality for defenders: attackers no longer wait for exposure windows to close. They exploit them immediately. Unlike large-scale volumetric attacks that announce themselves through disruption, zero-day exploitation operates quietly.…
-
Google Chrome Extension is Intercepting Millions of Users’ AI Chats
A Chrome browser extension with 6 million users, as well as seven other Chrome and Edge extensions, for months have been silently collecting data from every AI chatbot conversion, packaging it, and then selling it to third parties like advertisers and data brokers, according to Koi Security. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/google-chrome-extension-is-intercepting-millions-of-users-ai-chats/
-
Chrome Security Update Fixes Remote Code Execution Flaws
Tags: browser, chrome, cyber, flaw, google, linux, remote-code-execution, update, vulnerability, windowsGoogle has released an emergency security update for the Chrome browser, addressing two high-severity vulnerabilities that could enable remote code execution attacks. The stable channel update version 143.0.7499.146/.147 is now rolling out to Windows, Mac, and Linux users.”‹ Critical Vulnerabilities Patched The update fixes two significant security flaws reported by external security researchers. The first…
-
Chrome Extension with 6M+ Users Found Collecting AI Chatbot Inputs
A popular browser extension promoted as a free and secure VPN has been discovered secretly capturing user conversations across multiple AI chatbot platforms including ChatGPT, Claude, Gemini, and Microsoft Copilot raising fresh concerns over privacy and data exploitation in the age of generative AI. Researchers using the Wings agentic”‘AI risk engine uncovered that Urban VPN…
-
Featured Chrome Browser Extension Caught Intercepting Millions of Users’ AI Chats
A Google Chrome extension with a “Featured” badge and six million users has been observed silently gathering every prompt entered by users into artificial intelligence (AI)-powered chatbots like OpenAI ChatGPT, Anthropic Claude, Microsoft Copilot, DeepSeek, Google Gemini, xAI Grok, Meta AI, and Perplexity.The extension in question is Urban VPN Proxy, which has a 4.7 rating…
-
A Browser Extension Risk Guide After the ShadyPanda Campaign
In early December 2025, security researchers exposed a cybercrime campaign that had quietly hijacked popular Chrome and Edge browser extensions on a massive scale.A threat group dubbed ShadyPanda spent seven years playing the long game, publishing or acquiring harmless extensions, letting them run clean for years to build trust and gain millions of installs, then…
-
BSI prüft Chrome, 1Password und Co.: Was du über die Sicherheit von Passwortmanagern wissen musst
First seen on t3n.de Jump to article: t3n.de/news/bsi-prueft-chrome-1password-und-co-1721006/
-
CISA Alerts on Actively Exploited Google Chromium Zero-Day Flaw
Tags: access, browser, chrome, cisa, cyber, cybersecurity, exploit, flaw, google, infrastructure, risk, vulnerability, zero-dayThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical zero-day vulnerability in Google Chrome that is being actively exploited in the wild. The flaw, tracked asCVE-2025-14174, poses a significant risk to millions of users across multiple web browsers. Vulnerability Details Security researchers discovered an out-of-bounds memory access vulnerability within…
-
Google fixed a new actively exploited Chrome zero-day
Google addressed three vulnerabilities in the Chrome browser, including a high-severity bug already exploited in the wild. Google released security updates to fix three vulnerabilities in the Chrome browser, including a high-severity flaw that threat actors are already exploiting in real-world attacks. >>Google is aware that an exploit for 466192044 exists in the wild,
-
Chrome Targeted by Active InWild Exploit Tied to Undisclosed High-Severity Flaw
Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active exploitation in the wild.The vulnerability, rated high in severity, is being tracked under the Chromium issue tracker ID “466192044.” Unlike other disclosures, Google has opted to keep information about the CVE identifier,…