The Hacker News

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

Experts uncovered malicious Chrome extensions that replace affiliate links, exfiltrate data, and steal ChatGPT authentication tokens from users.
The HR Digest

Beware! Malicious Chrome Extensions Are Now Targeting HR Platform Users

Cybersecurity firm Socket recently uncovered multiple malicious Chrome extensions targeted at enterprise HR and ERP platform users.

Malicious Google Chrome extensions hijack accounts

Malicious Chrome extensions steal login data by impersonating Workday, NetSuite and SAP SuccessFactors platforms, cybersecurity researchers say.
The Hacker News

Five Malicious Chrome Extensions Impersonate Workday and NetSuite to Hijack Accounts

Five fake Chrome extensions impersonate Workday and NetSuite to steal cookies, block admin controls, and hijack sessions for account takeover.
SecurityWeek

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

LayerX discovered 16 extensions in the Chrome Web Store and Microsoft Edge Add-ons marketplace that steal users’ ChatGPT ...
Security Boulevard

LayerX Discovers Malicious Chrome Extensions Stealing ChatGPT Accounts

The threat of malicious Chrome browser extensions raises its ugly head again, this time against ChatGPT users, LayerX says.

Chrome extensions spoofing Workday and NetSuite are tricking victims

Here's what to look out for ...
CSO Online

Five Chrome extensions caught hijacking enterprise sessions

Malicious Chrome extensions posing as productivity tools were found stealing session tokens, blocking security controls, and enabling account takeover across popular enterprise HR and ERP platforms.
AOL

Malicious Chrome extensions caught stealing sensitive data

Chrome extensions are supposed to make your browser more useful, but they've quietly become one of the easiest ways for attackers to spy on what you do online. Security researchers recently uncovered ...