Hackers have targeted Google Chrome users in a frightening 2FA bypass attack with dozens of extensions compromised with malicious code—here’s what we know so far.

New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise of at least thirty-five extensions to inject data-stealing code, including those from cybersecurity firm Cyberhaven.

Chrome extension vulnerabilities leave millions at risk of 2FA bypass attacks, with hackers targeting multiple companies.

Hackers were reportedly able to modify several Chrome extensions with malicious code this month after gaining access to admin accounts through a phishing campaign. The cybersecurity company Cyberhaven shared in a blog post this weekend that its Chrome extension was compromised on December 24 in an attack that appeared to be “targeting logins to specific social media advertising and AI platforms.

A hacker phished a Cyberhaven employee to upload a malicious version of the company's Chrome extension, but it may not be the only victim.

Cyberhaven and other Chrome extensions were compromised in a supply chain attack targeting Facebook advertising users.

The publishers of browser extensions on the Google Chrome Web Store were reportedly targeted via a phishing campaign.

Multiple Chrome browser extensions have been hijacked by hackers in recent months to steal data from their users.

A cyberattack campaign of advanced complexity has been identified, targeting 16 Chrome extensions with the intention of stealing sensitive information from Facebook ad users. Cybersecurity firm Cyberhaven has conducted an initial investigation,

Multiple Chrome browser extensions have been hacked, allowing attackers to steal the data they handle, security experts have warned. Subverted extensions include a