Criminals are pushing surveillance tools into the Google Chrome Web Store ...

Hundreds of popular add‑ons used encrypted, URL‑sized payloads to send search queries, referrers, and timestamps to outside servers, in some cases tied to data brokers and unknown operators.

Add-ons with 37M installs leak visited URLs to 30+ recipients, researcher says They know where you've been and they're going to share it. A security researcher has identified 287 Chrome extensions ...

A widespread cyberattack involving fraudulent Google Chrome extensions has impacted over 300,000 users by leveraging the current demand ...

A set of 30 malicious Chrome extensions that have been installed by more than 300,000 users are masquerading as AI assistants to steal credentials, email content, and browsing information.

Over 260,000 users installed fake AI Chrome extensions that used iframe injection to steal browser and Gmail data, exposing ...

Despite ongoing efforts by Google to tighten security, malicious browser extensions continue to find their way onto the Chrome Web Store — and into users’ ...

A study by Q Continuum analyzed 32,000 Chrome extensions and found 287 that send sensitive data to developers, affecting about 37 million users. Among the notable extensions are well-known names like ...

Five extensions were doing all sorts of malicious acts, including stealing payment data.

Attackers are impersonating ChatGPT, Gemini, and Grok.

In total, the analysts examined the 32.000 most popular Chrome extensions out of the 240.000 available in the Chrome Webstore. They identified 287, some of them very popular, candidates that ...