Forbes

Google Chrome 2FA Bypass Attacks Confirmed—Millions Of Users At Risk

This Google Chrome browser extension attack compromised authentication cookies. Update, Dec. 31, 2024: This story, originally published Dec. 29 now includes an explanation of how 2FA bypass session ...
The Hacker News

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

Experts uncovered malicious Chrome extensions that replace affiliate links, exfiltrate data, and steal ChatGPT authentication tokens from users.
WinBuzzer

Chrome Extensions Caught Stealing Amazon Affiliate Revenue and ChatGPT Tokens

Security researchers have discovered 29 malicious Chrome extensions disguised as ad blockers that hijack Amazon affiliate links and steal ChatGPT tokens from users.
SecurityWeek

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

LayerX discovered 16 extensions in the Chrome Web Store and Microsoft Edge Add-ons marketplace that steal users’ ChatGPT ...
Cryptopolitan on MSN

Chrome extension disguised as AI assistant expose 10K+ users OpenAI API keys

A Chrome browser extension posing as an artificial intelligence assistant is siphoning OpenAI credentials from more than ...
Forbes

Google Chrome Attack Alert—Full List Of Hacked Extensions Published

Update, Jan. 4, 2025: This story, originally published Jan. 2, now includes a link to details of all the known Chrome extensions to have been targeted by the hackers. As I reported at the end of ...
Bleeping Computer

Credential-stealing Chrome extensions target enterprise HR platforms

Malicious Chrome extensions on the Chrome Web Store masquerading as productivity and security tools for enterprise HR and ERP platforms were discovered stealing authentication credentials or blocking ...