The Hacker News

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

Experts uncovered malicious Chrome extensions that replace affiliate links, exfiltrate data, and steal ChatGPT authentication tokens from users.

The hidden cost of cashback: How shopping extensions track you—and how to limit it

During peak shopping periods like Black Friday and Cyber Monday, some incentives can jump up considerably. For example, ...
SiliconANGLE

Trellix warns of advanced Facebook phishing using browser-in-the-browser attacks

A new report out today from cybersecurity company Trellix Inc. warns that Facebook phishing scams are becoming significantly more sophisticated, as attackers increasingly abuse legitimate cloud ...
BGR

5 Free Browser Extensions You Should Always Install First

Good browsers work well with their standard features alone. They can protect you when browsing online, autofill your login information, and manage your favorite websites with ease. Some go beyond and ...
SecurityWeek

Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats

Impersonating a legitimate extension from AITOPIA, the two malicious extensions were also exfiltrating users’ browser activity. The applications, called ‘Chat GPT for Chrome with GPT-5, Claude Sonnet ...
The Hacker News

Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

Cybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that are designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations alongside browsing data to ...
TechSpot

DarkSpectre quietly infected millions through seemingly legit browser extensions

In a nutshell: Cybersecurity researchers at Koi recently uncovered DarkSpectre, a Chinese operation linking multiple malicious campaigns through browser extensions. Hundreds of seemingly legitimate ...