Many Chrome extensions start as small developer projects, and once they gain users, are sold on. But what if the new owner turns out to be a bad actor who gains the ability to update software running ...

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...

ActiveX is a Microsoft software framework that enables applications to share data across web browsers, enhancing functionality and security in computing.

As web browsers evolve into AI-powered workspaces, they are gaining deeper access to system resources. Integrated assistants can summarize content, automate tasks and interact directly with local ...

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was ...

Millions installed 'productivity' Chrome extensions that became malware after acquisition. Here's how browser extensions became enterprise security's weakest link.

Chrome extensions disguised as AI assistants infected over 300,000 users with malware that steals emails, passwords and browsing data, LayerX researchers discovered.

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

LayerX found 30 malicious Chrome extensions posing as GenAI tools Extensions exfiltrated page text, metadata, and Gmail content to attacker servers Over 300,000 downloads; popular add-ons included AI ...

A Chrome vulnerability allowed malicious extensions to hijack the browser’s Gemini Live assistant to spy on users and ...