Over 100 Chrome Web Store extensions found stealing user data from thousands of accounts

All extensions seem to have been made by a single actor, possibly of Russian origin.

Over 100 Chrome Web Store extensions steal user accounts, data

More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, ...

Google Attack Warning—Chrome Hackers Target Gmail And YouTube Users

Google hackers strike as Gmail, YouTube, Telegram and TikTok users are targeted by 108 dangerous Chrome browser extensions in ...
Bitdefender

108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users

These Chrome extensions looked harmless - but secretly stole data and hijacked accounts. Here’s what you need to know.
Search Engine Land

Google adds Chrome Web Store user agent

Google has added a new user agent to its help documentation named Google-CWS. This is the Chrome Web Store user agent that is a user-triggered fetchers. More details. Google posted about the new user ...
Bleeping Computer

Google launches customizable Web Store for Enterprise extensions

Google has officially launched its Chrome Web Store for Enterprises, allowing organizations to create a curated list of extensions that can be installed in employees' web browsers. Malicious Chrome ...
Forbes

Google Chrome 2FA Bypass Attacks Confirmed—Millions Of Users At Risk

This Google Chrome browser extension attack compromised authentication cookies. Update, Dec. 31, 2024: This story, originally published Dec. 29 now includes an explanation of how 2FA bypass session ...
Search Engine Roundtable

Google Adds Chrome Web Store Google-CWS User Agent To Docs

Google added a new user agent to the Googlebot's user-triggered fetchers documentation. The new user agent is for the Chrome Web Store named Google-CWS. The Chrome Web Store fetcher requests URLs that ...