Cybersecurity firm Cyberhaven was the first reported victim of a new attack targeting Chrome extensions, resulting in over 600,000 users facing data and credential theft due to malicious code injection.
Or Eshed, CEO of LayerX Security, emphasizes that 'Browser extensions are the soft underbelly of web security,' highlighting the risks associated with extensive permissions granted to these tools.
Eshed also points out that 'many organizations don't even know what extensions they have installed on their endpoints,' indicating a widespread lack of awareness regarding security exposure.
Following the Cyberhaven breach, additional compromised extensions were identified, confirming that the incident wasn't isolated and underscoring the vulnerabilities within the Chrome Web Store.
Collection
[
|
...
]