The attack, which began on Christmas Eve, exploited a vulnerability in the Chrome Web Store's developer authentication system ...

The malicious extension, available as version 24.10.4, was available for 31 hours, from December 25 at 1:32 AM UTC to Dec 26 ...

The recent compromise of Cyberhaven’s Chrome extension appears to be part of a broad campaign that started over a year ago.

Dec. 25, 2024, cybersecurity firm Cyberhaven was the target of a large-scale attack. Through their Chrome extension, 400,000 ...

A BleepingComputer investigation found the same code was injected into at least 35 Google Chrome extensions, which are being ...

Cyberhaven and other Chrome extensions were compromised in a supply chain attack targeting Facebook advertising users.

New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise ...

Hackers have targeted Google Chrome users in a frightening 2FA bypass attack—a full list of impacted extensions has now been ...

Cyberhaven has confirmed its Google Chrome extension was the subject of a Christmas Eve cyberattack, exposing sensitive ...

Are your Extensions Affected?A malicious variant of Cyberhaven’s browser extension (v24.10.4) was uploaded to the Chrome ...

Over the Christmas period, the perpetrators gained access to various Chrome extensions – in some cases even much earlier.