The China-based cyber-threat group has been using malicious extensions on the Google Chrome and Microsoft Edge marketplaces ...

A threat actor has published over a hundred malicious extensions that can track and profile Chrome and Microsoft Edge users ...

On November 17, 2025, a critical security flaw in Google Chrome’s V8 JavaScript engine sent shockwaves through the digital world. Hackers began exploiting the vulnerability before Google could release ...

CERT-In has issued a security alert for Google Chrome users, urging immediate updates for Windows, macOS, and Linux due to severe vulnerabilities identified as CVE-2025-13223 and CVE-2025-13224. , ...

A seven-year malicious browser extension campaign infected 4.3 million Google Chrome and Microsoft Edge users with malware, including backdoors and spyware sending people's data to servers in China.

According to researchers at cybersecurity firm Koi, a China-based hacking syndicate known as ShadyPanda is actively ...

The post Google Chrome Users Warned: New Zero-Day Flaw Requires Update ASAP appeared first on Android Headlines.

Socket’s Threat Research Team has outlined all the details.

A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, ...

North Korean actors deployed 197 new npm packages delivering evolved OtterCookie and GolangGhost malware through fake ...

The new version follows last month's version 0.0.1, when the project began to issue tagged releases on GitHub. The switch to numbered versions is an encouraging sign, showing that the project is ...

ShadyPanda spent seven years uploading trusted Chrome and Edge extensions, later weaponizing them for tracking, hijacking, and remote code execution. Learn how the campaign unfolded.