Google engineers have added two neat features to the Chrome browser that will alert users of extensions that hijack proxy settings or the new tab page.
Six more developers have had their Chrome extensions hijacked in the past four months, according to new evidence surfaced yesterday by Proofpoint researcher Kafeine.
Google's security team has sent out warnings via email to Chrome extension developers after many of them have been the targets of phishing attacks, some of which have been successful and resulted in crooks taking over extensions.
The developer of a very popular Google Chrome extension has regained access over his tool after an unknown hacker had managed to hijack his developer account and push a malicious version that contained adware.
Website-building service Wix.com was the subject of a massive cyber-attack in April 2016 when a botnet of rogue Chrome extensions was creating Wix websites to spread itself to new users.
While doing my normal scan through various sites that are known to push unwanted programs, I ran across a new version of a Chrome extension family that hijacks searches done on Google and other search engines. In addition to hijacking searches, this new variant also tries to filter Trump from the web.
A company is going around buying abandoned Chrome extensions from their original developers and converting these add-ons into adware.
A new adware family named Crusader will rewrite tech support phone numbers returned in Google search results, display ads, and show popups pushing tech support scams.
LastPass says it patched one of two separate bugs that affected its Chrome and Firefox browser extensions, which if exploited, would have allowed a third-party to extract passwords from users visiting a malicious website.
Late Friday, last week, Google announced a new tool for security-minded users, called E2EMail, a Chrome extension that simplifies the installation of PGP encryption for Gmail.
A malvertising campaign has specifically targeted and redirected Chrome users to a website they couldn't leave unless they agreed to install a rogue Chrome extension.