A long-running malware operation known as "ShadyPanda" has amassed over 4.3 million installations of seemingly legitimate Chrome and Edge browser extensions that evolved into malware. The operation, ...

A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions with more than 50,000 downloads, to monitor browser activity and plant a backdoor. The ...

A sophisticated malware operation has infected 4.3 million Chrome and Edge browser users via malicious browser extensions that masqueraded as legitimate tools for years before being weaponized. The ...

A seven-year browser extension campaign has infected 4.3 million Chrome and Edge users. The group responsible, tracked as ShadyPanda, has been observed leveraging trusted browser marketplaces to build ...

Editor's note: Microsoft has reached out to us regarding the story below and has issued the following update: "We have removed all the extensions identified as malicious on Edge Add-on store. When we ...

Browser extensions with more than 8 million installs are harvesting complete and extended conversations from users’ AI ...

Recent exploits are a reminder that when you install an extension, you grant it a lot of power to see where you go online and ...

A long-running malware campaign quietly evolved over several years and turned trusted Chrome and Edge extensions into spyware. A detailed report from Koi Security reveals that the ShadyPanda operation ...

Koi's investigation identified eight such extensions available on the Chrome Web Store and Microsoft Edge Add-ons page, collectively surpassing eight million installations. Seven of them carried ...

December 8, 2025 Add as a preferred source on Google Add as a preferred source on Google Malicious extensions do occasionally find their way into the Chrome Web Store (and similar libraries in other ...