Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants to steal credentials, email content, and browsing information. Some of the ...

How can an extension change hands with no oversight?

More fun than it should be, honestly.

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach reports, expert analysis, and actionable insights for infosec professionals and ...

Many Chrome extensions start as small developer projects, and once they gain users, are sold on. But what if the new owner turns out to be a bad actor who gains the ability to update software running ...

ActiveX is a Microsoft software framework that enables applications to share data across web browsers, enhancing functionality and security in computing.

An extension I used almost every day was bought by a new owner and loaded up with spyware. It happened in 2024, but Google ...

"Under New Management" keeps an eye on the Chrome Web Store, looking for new developer names that show up when extensions are sold off.

Reddit users seem to have identified the problem.

Seemingly out of nowhere, the “Save image as Type” Chrome extension was marked for removal, with Google warning users ...