Dark Reading

ChatGPT, GenAI Tools Open to 'Man in the Prompt' Browser Attack

An innovative prompt injection attacker can steal your data using nothing but a browser extension. Browser security vendor LayerX published research today dedicated to an attack it discovered that ...
Bleeping Computer

The Buyer’s Guide to Browser Extension Management

While most enterprises lock down endpoints, harden networks, and scan for vulnerabilities, one of the riskiest vectors often slips through unmonitored: browser extensions. These small, user-installed ...
CSOonline

Verified, featured, and malicious: RedDirection campaign reveals browser marketplace failures

Despite verified status and high ratings, 18 extensions silently deployed surveillance code, raising urgent questions about Chrome and Edge extension review processes. A widespread browser hijacking ...

Malicious browser extensions hit 4.3M users

Malicious Chrome and Edge extensions collected browsing history, keystrokes and personal data from millions of users before ...
Bleeping Computer

Malicious Browser Extensions are the Next Frontier for Identity Attacks

The recent attack campaign targeting browser extensions shows that malicious browser extensions are the next frontier for identity attacks. More than 2.6 million users across thousands of ...
ZDNet

Why you should delete your browser extensions right now - or do this to stay safe

Malicious browser extensions are a widespread problem. Even vetted extensions can be dangerous. Here's what you should do to avoid issues. Koi Security investigated a single malicious extension used ...