Browser

Two Chrome Extensions Found Stealing ChatGPT and DeepSeek Chats from 900,000 Users

Cybersecurity researchers have identified two malicious Chrome extensions that secretly collect user conversations from OpenAI ChatGPT and DeepSeek, along with browsing data, sending it to servers controlled by attackers. Together, these extensions have been installed by over 900,000 users worldwide. Identified Malicious Extensions The extensions are: These discoveries follow the earlier detection of Urban VPN […]

Two Chrome Extensions Found Stealing ChatGPT and DeepSeek Chats from 900,000 Users Read More »

DarkSpectre Browser Extension Campaigns Exposed After Affecting 8.8 Million Users Worldwide

Cybersecurity researchers have uncovered a large-scale malicious browser extension operation that has affected more than 8.8 million users across Google Chrome, Microsoft Edge, and Mozilla Firefox over a period exceeding seven years. The activity has been linked to a Chinese threat actor tracked by Koi Security under the name DarkSpectre. The investigation connects two previously

DarkSpectre Browser Extension Campaigns Exposed After Affecting 8.8 Million Users Worldwide Read More »

Trust Wallet Chrome Extension Breach Leads to 7 Million Dollar Crypto Loss via Malicious Code

Trust Wallet has issued an urgent advisory asking users to update its Google Chrome browser extension after confirming a security incident that resulted in cryptocurrency losses totaling approximately $7 million. The breach specifically affected Trust Wallet Chrome Extension version 2.68, while users who upgraded to version 2.69 are no longer at risk. According to the

Trust Wallet Chrome Extension Breach Leads to 7 Million Dollar Crypto Loss via Malicious Code Read More »

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Websites

Cybersecurity researchers have uncovered two malicious Google Chrome extensions operating under the same name and published by the same developer, both designed to secretly intercept web traffic and steal user credentials on a massive scale. The extensions are promoted as a “multi location network speed test plug in” aimed at developers and professionals working in

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Websites Read More »

GhostPoster Malware Discovered in 17 Firefox Add ons with Over 50,000 Downloads

A newly identified malware campaign named GhostPoster has been uncovered abusing logo image files embedded within browser extensions to deliver malicious JavaScript code. The operation targeted users of Mozilla Firefox through at least 17 compromised add-ons that collectively recorded more than 50,000 downloads before being removed. The findings were disclosed by Koi Security, which identified

GhostPoster Malware Discovered in 17 Firefox Add ons with Over 50,000 Downloads Read More »

Featured Chrome Extension Caught Intercepting Millions of Users AI Chats

A browser extension carrying a “Featured” badge on Google Chrome has been discovered quietly collecting artificial intelligence chat conversations from millions of users. The extension, installed by more than six million people, was observed intercepting prompts and responses from popular AI platforms without clear user awareness. Security researchers revealed that the extension, Urban VPN Proxy,

Featured Chrome Extension Caught Intercepting Millions of Users AI Chats Read More »

Google Introduces Layered Chrome Defenses to Stop Indirect Prompt Injection Threats

Google has expanded the security framework of Chrome after adding agentic AI features to the browser. The company unveiled a new series of defenses designed to reduce the risk of indirect prompt injections that may occur when an AI agent interacts with untrusted web content. The most notable addition is the User Alignment Critic, a

Google Introduces Layered Chrome Defenses to Stop Indirect Prompt Injection Threats Read More »

Zero Click Agentic Browser Attack Can Wipe Entire Google Drive Through Crafted Emails

A new agent based browser attack has been discovered in Perplexity’s Comet browser, and researchers from Straiker STAR Labs warn that it can turn a harmless looking email into a destructive command that erases all files stored in a user’s Google Drive account. The method is known as the Zero Click Google Drive Wiper technique.

Zero Click Agentic Browser Attack Can Wipe Entire Google Drive Through Crafted Emails Read More »

GlassWorm Resurfaces With 24 Malicious Extensions Masquerading as Popular Developer Tools

The notorious supply chain threat, GlassWorm, has resurfaced, targeting developers by infiltrating both the Microsoft Visual Studio Marketplace and Open VSX with 24 malicious extensions. These extensions impersonate widely-used developer frameworks and tools, including Flutter, React, Tailwind, Vim, and Vue. Originally documented in October 2025, GlassWorm uses the Solana blockchain to manage command-and-control operations, harvest

GlassWorm Resurfaces With 24 Malicious Extensions Masquerading as Popular Developer Tools Read More »

Chrome extension exposed for adding secret Solana transfer fees to Raydium swaps

Cybersecurity analysts have identified a malicious Chrome extension that secretly adds an unauthorized Solana transfer during Raydium swap transactions and redirects the funds to a cryptocurrency wallet controlled by an attacker. The extension, called Crypto Copilot, was released by a user known as “sjclark76” on May 7, 2024. It is marketed as a tool that

Chrome extension exposed for adding secret Solana transfer fees to Raydium swaps Read More »