Over 100 Chrome Web Store extensions found stealing user data from thousands of accounts

All extensions seem to have been made by a single actor, possibly of Russian origin.

Over 100 Chrome Web Store extensions steal user accounts, data

More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, ...

Over 100 Seemingly Harmless Google Chrome Extensions Found to be Malicious

A report by Socket has identified 108 malicious extensions on the Google Chrome Web Store. These extensions collectively ...

Google Attack Warning—Chrome Hackers Target Gmail And YouTube Users

Google hackers strike as Gmail, YouTube, Telegram and TikTok users are targeted by 108 dangerous Chrome browser extensions in ...
Search Engine Land

Google adds Chrome Web Store user agent

Google has added a new user agent to its help documentation named Google-CWS. This is the Chrome Web Store user agent that is a user-triggered fetchers. More details. Google posted about the new user ...
Forbes

Google Chrome 2FA Bypass Attacks Confirmed—Millions Of Users At Risk

This Google Chrome browser extension attack compromised authentication cookies. Update, Dec. 31, 2024: This story, originally published Dec. 29 now includes an explanation of how 2FA bypass session ...
Bleeping Computer

Google launches customizable Web Store for Enterprise extensions

Google has officially launched its Chrome Web Store for Enterprises, allowing organizations to create a curated list of extensions that can be installed in employees' web browsers. Malicious Chrome ...
Search Engine Roundtable

Google Adds Chrome Web Store Google-CWS User Agent To Docs

Google added a new user agent to the Googlebot's user-triggered fetchers documentation. The new user agent is for the Chrome Web Store named Google-CWS. The Chrome Web Store fetcher requests URLs that ...