An extension I used almost every day was bought by a new owner and loaded up with spyware. It happened in 2024, but Google only removed it this week.

More fun than it should be, honestly.

How can an extension change hands with no oversight?

Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious code. Billions of users urged to update.

Researchers at Palo Alto Networks' Unit 42 found a high-severity flaw in Chrome's Gemini AI panel that could have let rogue browser extensions access local files, ...

Google has rushed out a Chrome 146 security update that patches two zero-day vulnerabilities exploited in the wild.

Google is finally introducing native Chrome support to ARM64 Linux devices. It only took the company six years after bringing Chrome to ARM64-powered macOS devices and two years after doing the same ...

Many Chrome extensions start as small developer projects, and once they gain users, are sold on. But what if the new owner turns out to be a bad actor who gains the ability to update software running ...

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

Millions installed 'productivity' Chrome extensions that became malware after acquisition. Here's how browser extensions became enterprise security's weakest link.

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach reports, expert analysis, and actionable insights for infosec professionals and ...