Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...

Dozens of widely used browser extensions have been collecting and selling user data with explicit disclosure in their privacy ...

Over 100 Chrome extensions sharing C&C infrastructure were seen stealing user data, injecting ads, and containing a backdoor.

LinkedIn is facing two lawsuits over its practice of scanning users’ browsers to determine which extensions they’re running. Two class action complaints were filed by different law firms on behalf of ...

Malicious browser extensions disguised as TikTok downloaders compromised 130,000 users, exposing a growing blind spot in ...

More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, deploy backdoors, and carry out ad fraud. Researchers at application security ...

Over 70 clones of popular extensions published to the Open VSX marketplace in April are likely designed to deliver GlassWorm ...

Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...

A large-scale campaign involving 108 malicious Chrome extensions has been uncovered, affecting roughly 20,000 users. The extensions, spread across categories such as gaming, social media tools and ...

Researchers have determined that Microsoft's LinkedIn is scanning browser plug-ins and other information without permission, building user profiles using data that the company did not get permission ...

A new report links 108 Chrome extensions to identity theft, session hijacking, and browser abuse, which means your ...

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan visitors' browsers for installed extensions and collect device data.