Malicious Google Chrome extensions hijack accounts

Malicious Chrome extensions steal login data by impersonating Workday, NetSuite and SAP SuccessFactors platforms, cybersecurity researchers say.
CSO Online

Five Chrome extensions caught hijacking enterprise sessions

Malicious Chrome extensions posing as productivity tools were found stealing session tokens, blocking security controls, and ...
The Hacker News

Five Malicious Chrome Extensions Impersonate Workday and NetSuite to Hijack Accounts

Five fake Chrome extensions impersonate Workday and NetSuite to steal cookies, block admin controls, and hijack sessions for ...
Infosecurity Magazine

Malicious Google Chrome Extensions Hijack Workday and Netsuite

Users of widely used HR and ERP platforms targeted with malicious extensions which were available in the Chrome Web Store ...

Credential-stealing Chrome extensions target enterprise HR platforms

Malicious Chrome extensions on the Chrome Web Store masquerading as productivity and security tools for enterprise HR and ERP ...
The HR Digest

Beware! Malicious Chrome Extensions Are Now Targeting HR Platform Users

Cybersecurity firm Socket recently uncovered multiple malicious Chrome extensions targeted at enterprise HR and ERP platform users.
Fox News

Malicious Chrome extensions caught stealing sensitive data

Chrome extensions are supposed to make your browser more useful, but they've quietly become one of the easiest ways for attackers to spy on what you do online. Security researchers recently uncovered ...
Bitdefender

Beware! Fake ChatGPT browser extensions are stealing your login credentials

The offending extensions do not deploy traditional malware or attempt to exploit flaws in ChatGPT itself. Instead, they hook ...
Forbes

Google Chrome 2FA Bypass Attacks Confirmed—Millions Of Users At Risk

This Google Chrome browser extension attack compromised authentication cookies. Update, Dec. 31, 2024: This story, originally published Dec. 29 now includes an explanation of how 2FA bypass session ...