The recent compromise of Cyberhaven’s Chrome extension appears to be part of a broad campaign that started over a year ago.

A hacker phished a Cyberhaven employee to upload a malicious version of the company's Chrome extension, but it may not be the only victim.

Chrome extension vulnerabilities leave millions at risk of 2FA bypass attacks, with hackers targeting multiple companies.

The data-loss startup says it was targeted as part of a "wider campaign to target Chrome extension developers."

Other extensions possibly affected include Internxt VPN, VPNCity, Uvoice, and ParrotTalks, as Bleeping Computer writes. Cyberhaven says hackers pushed an update (version 24.10.4) of its Cyberhaven data loss prevention extension containing the malicious code on Christmas Eve at 8:32PM ET.

Multiple Chrome browser extensions have been hijacked by hackers in recent months to steal data from their users.

New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise of at least thirty-five extensions to inject data-stealing code, including those from cybersecurity firm Cyberhaven.

A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft.

Cyberhaven and other Chrome extensions were compromised in a supply chain attack targeting Facebook advertising users.

A cyberattack campaign of advanced complexity has been identified, targeting 16 Chrome extensions with the intention of stealing sensitive information from Facebook ad users. Cybersecurity firm Cyberhaven has conducted an initial investigation,

Multiple Chrome browser extensions have been hacked, allowing attackers to steal the data they handle, security experts have warned. Subverted extensions include a