News

The zero-day that could've compromised every Cursor and Windsurf user
Learn how one overlooked flaw in OpenVSX discovered by Koi Secureity could've let attackers hijack millions of dev machines ...
Chrome and Edge browser extensions secretly hijacked, spied on millions of users
According to researchers at Koi Security, the malicious extensions were part of a coordinated operation involving at least 18 ...
Malicious Chrome extensions with 1.7M installs found on Web Store
Almost a dozen malicious extensions with 1.7 million downloads in Google's Chrome Web Store could track users, steal browser ...
CSO Online2d
Verified, featured, and malicious: RedDirection campaign reveals browser marketplace failures
Despite verified status and high ratings, 18 extensions silently deployed surveillance code, raising urgent questions about ...
Malicious Google Chrome and Edge extensions downloaded more than 2 million times - here's how to stay safe from being tracked online
Most were removed from the Play Store, but according to BleepingComputer, “many of them continue to be available”. Although ...
Daily Times on MSN3d
Over 1.7 million users at risk from malicious chrome extensions
Security researchers have discovered 11 malicious Google Chrome extensions that have collectively been downloaded over 1.7 ...
Massive browser hijacking campaign infects 2.3M Chrome, Edge users
The Geco extension has more than 800 reviews on the Chrome Web Store, 4.2 stars (out of 5), and "featured" placement.
All Chrome users must delete 11 apps downloaded over two million times NOW as experts issue ‘tracker’ warning
THOUSANDS of Chrome users are being urged to delete immediately certain apps that pose a security risk. It comes after ...
TweakTown3d
'Long con' browser extensions infect 2.3M Chrome and Edge users - here's what you need to know
Trusted extensions that had gained tons of positive reviews and installs over a long period of time suddenly turned malicious ...
htxt3d
Attackers turned legitimate browser extensions into a security nightmare
Attackers placed legitimate browser extensions online and then silently delivered malicious updates to millions of users.
Nearly 2 million people hit by malicious Chrome installations that can track you — what to do now
These unsafe extensions know your browsing activity, too.
SecurityWeek15d
Vulnerability Exposed All Open VSX Repositories to Takeover
A vulnerability in the extension publishing mechanism of Open VSX could have allowed attackers to tamper with any repository.