CSOonline

Flaws in four popular VS Code extensions left 128 million installs open to attack

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...
Fox News

Browser extension malware infected 8.8M users in DarkSpectre attack

Browser extensions promise convenience. Many offer simple tools like new tab pages, translators or video helpers. Researchers, however, uncovered a long-running malware operation that abused that ...
Fox News

Malicious browser extensions hit 4.3M users

A long-running malware campaign quietly evolved over several years and turned trusted Chrome and Edge extensions into spyware. A detailed report from Koi Security reveals that the ShadyPanda operation ...

Before You Click 'Add To Browser': Why Extensions Are The Next Enterprise Attack Surface

Installing an extension takes seconds, but the access it gains can persist for months or years across every site and session ...