Claude Desktop for macOS quietly installs privileged browser integration files, even for browsers users haven’t installed. Experts warn this practice expands attack surfaces and may violate EU privacy laws.
Over 130,000 browser users fell victim to fake TikTok downloader extensions that used sophisticated evasion tactics and even gained 'Featured' status in official stores. Here’s how the attack unfolded—and what it means for your online security.
LinkedIn faces allegations of secretly scanning over 6,000 browser extensions on users’ computers, linking digital habits to real identities and raising alarms over privacy, profiling, and corporate espionage.
Malicious browser extensions are hijacking users’ AI conversations through 'prompt poaching' attacks, stealing sensitive data and exposing major privacy and business risks. Discover how these attacks operate and what you can do to stay protected.
A cluster of fake productivity extensions on Chrome and Edge has been caught stealing ChatGPT session tokens, granting attackers deep access to victims' AI chats. Here’s how the scheme worked and what it means for browser security.
GhostPoster, a stealthy malware campaign, infected over 840,000 Chrome, Firefox, and Edge users through 17 rogue extensions. Using steganography and modular payloads, it evaded detection for years, highlighting urgent security gaps in browser extension vetting.
Nearly 840,000 browser users fell victim to GhostPoster—a sophisticated malware campaign hidden in ordinary extensions. Discover how these digital phantoms infiltrated Chrome, Firefox, and Edge, and what risks remain.
This week’s cybercrime recap exposes a global pattern: attackers leveraging our trust in everyday digital tools. From IoT vulnerabilities and supply chain breaches to browser extension malware and AI abuse, discover how criminals are exploiting the familiar—and why it matters.
A sprawling Chinese threat actor compromised 8.8 million browser users using trusted Chrome, Edge, and Firefox extensions. The DarkSpectre campaign reveals how patience and state-level discipline turned everyday tools into global cyber-espionage weapons.
DarkSpectre, a Chinese cybercriminal group, weaponized popular browser extensions to spy on millions of users and businesses worldwide. Trusted add-ons for Zoom, Google Meet, and more were secretly harvesting sensitive data for years.