108 Google Chrome Extensions Are Stealing User Data, Over 20,000 Users Affected

Collectively, the extensions amassed about 20,000 installs in the Chrome Web Store. All 108 extensions route stolen ...
The American Bazaar

Cybersecurity firm identifies 108 malicious Chrome extensions affecting 20,000 users

All 108 route stolen credentials, user identities, and browsing data to servers controlled by the same operator," Security Researcher Kush Pandya said in an analysis ...

These Chrome Extensions Are Stealing Your Data – Uninstall Them Immediately

Browser extensions are mostly harmless, but unfortunately, these Chrome extensions are the opposite, and pose imminent risk ...

108 malicious Chrome extensions found stealing data and injecting ads into every page you visit

Security researchers have uncovered a new coordinated campaign which uses malicious extensions to steal user data and hijack browsing sessions.
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...
Computer Weekly

April Patch Tuesday brings zero-days in Defender, SharePoint Server

The latest monthly Patch Tuesday update from Microsoft landed earlier on 14 April, including two notable zero-day flaws amid ...

Microsoft Weekly: Start menu in rework again and Recall is on fire

Catch up with this week's Microsoft stories in the latest recap. Patch Tuesday updates, bugs, Start menu reworks, Recall ...
DataBreachToday

Breach Roundup: Mr. Raccoon Wants Your Password

This week, a "Raccoon"-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda ...
InfoWorld

Tap into the AI APIs of Google Chrome and Microsoft Edge

The Chrome and Edge browsers have built-in APIs for language detection, translation, summarization, and more, using locally ...

Did The Onion buy Infowars? Texas judge to weigh in on take over

The Onion is awaiting a Texas judge's decision on if it can take over Alex Jones' far-right media company Infowars. Here's ...

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...