Browser extensions turned malicious after years of legitimate operation in DarkSpectre campaign affecting millions. The ...

A China-linked threat actor used malicious browser extensions over seven years to steal data and corporate intelligence from ...

A newly uncovered Chinese threat group known as DarkSpectre has been linked to one of the most widespread browser extension ...

These startups reimagined browser security, pioneered application security for AI-generated code, and are building consensus ...

Kaspersky has found a new infostealer called Stealka that targets crypto wallets and browsers through fake game mods and pirated software on GitHub and SourceForge.

Researchers from Koi Security claim to have identified a well-funded criminal organization responsible for several of the largest and most sophisticated campaigns they’ve ever uncovered.

A long-running malware campaign quietly evolved over several years and turned trusted Chrome and Edge extensions into spyware. A detailed report from Koi Security reveals that the ShadyPanda operation ...

Zoom users should exercise extreme caution when installing browser extensions, particularly those claiming Zoom-related ...

Security researchers found two Chrome extensions with 900,000 installs secretly collecting ChatGPT and DeepSeek chats and ...

The researchers initially discovered DarkSpectre while investigating ShadyPanda, a campaign based on popular Chrome and Edge extensions that infected over four million devices. Further analysis ...

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing malware that can take screenshots, steal credentials, crypto wallets, and ...

A popular browser extension that acts as a VPN to protect users' privacy is actually harvesting and facilitating the sale of data from conversations with AI chatbot assistants. While versions previous ...