A seven-year malicious browser extension campaign infected 4.3 million Google Chrome and Microsoft Edge users with malware, including backdoors and spyware sending people's data to servers in China.

Browser extensions can be just as dangerous as regular apps, and their integration with the tool everyone’s constantly using can make them seem erroneously innocuous. Case in point: a collection of ...

A long-running malware operation known as "ShadyPanda" has amassed over 4.3 million installations of seemingly legitimate Chrome and Edge browser extensions that evolved into malware. The operation, ...

A long-running malware campaign quietly evolved over several years and turned trusted Chrome and Edge extensions into spyware. A detailed report from Koi Security reveals that the ShadyPanda operation ...

Remember browser bars of the '00's... Going over to grandma's and launching IE only to be met with half a screen of browser bars. Spending a good hour uninstalling them, cleaning up the debris left ...

Browser extensions promise convenience. Many offer simple tools like new tab pages, translators or video helpers. Researchers, however, uncovered a long-running malware operation that abused that ...

A hot potato: Cybersecurity researchers have uncovered a sophisticated malware campaign that infected millions of computers via browser extensions on the Chrome Web Store and Microsoft Edge add-ons ...

A set of 18 malicious browser extensions that are still available to download on Google Chrome and Microsoft Edge have been identified by a team of security researchers at Koi Security. These ...

TL;DR: A sophisticated malware campaign infected 2.3 million Chrome and Edge users. It worked because a bunch of browser extensions were on the market for a long time, gaining a trusted reputation, ...