Techly NewsGet the app

Get the latest tech news

Widespread cyberattack targets Google Chrome extensions, compromises 2.6 million devices | The incident highlights the often overlooked security risks associated with browser extensions


The attack, which began on Christmas Eve, exploited a vulnerability in the Chrome Web Store's developer authentication system. Attackers used sophisticated spear-phishing techniques to gain access to...

"Public reports suggest this attack was part of a wider campaign targeting Chrome extension developers across a wide range of companies." A similar campaign targeted both Chrome and Firefox extensions in 2019, compromising four million devices, including those within networks of major companies like Tesla, Blue Origin, and Symantec. Tuckner suggests one potential solution: organizations could implement a browser asset management list, allowing only selected extensions to run while blocking all others.

Get the Android app

Or read this on r/technology

Read more on:

Photo of Google Chrome

Google Chrome

Photo of devices

devices

Photo of incident

incident

Related news:

News photo

Google Chrome is making it easier to share specific parts of long PDFs

News photo

Hackers Target Dozens of VPN, AI Extensions For Google Chrome To Compromise Data

News photo

LineageOS 22.1, based on Android 15, is already available for over 100 devices

« LG previews the compact S20A soundbar at CES 2025
How Congress dropped the ball on AI safety »