Hosted on MSN

Compromised Amazon Q extension told AI to delete everything – and it shipped

Malicious actor reportedly sought to expose AWS 'security theater' The official Amazon Q extension for Visual Studio Code (VS Code) was compromised to include a ...

These Browser Extensions You’ve Used For Years May Now Be Spying On You

Researchers identify 17 additional extensions associated with the DarkSpectre threat actor and its GhostPoster campaign.
Hosted on MSN

Google Chrome at risk from shape-shifting browser extensions — how to stay safe

Just like malicious apps on your smartphone, malicious browser extensions can put your devices and the sensitive data stored in your browser at serious risk. The problem with malicious browser ...
Dark Reading

Google's Souped-up Chrome Store Review Process Foiled by Data-Stealer

Malicious yet legitimate-looking Google Chrome browser extensions that steal people's passwords and other sensitive data can still make it into the official app store, despite Google's adoption of a ...
Forbes

Google Chrome 2FA Bypass Attacks Confirmed—Millions Of Users At Risk

This Google Chrome browser extension attack compromised authentication cookies. Update, Dec. 31, 2024: This story, originally published Dec. 29 now includes an explanation of how 2FA bypass session ...
Bleeping Computer

LastPass says 12-hour outage caused by bad Chrome extension update

LastPass says its almost 12-hour outage yesterday was caused by a bad update to its Google Chrome extension. Starting at around 1 PM ET yesterday, LastPass users were suddenly unable to access their ...