VSCode IDE forks expose users to "recommended extension" attacks

Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, ...

New GlassWorm malware wave targets Macs with trojanized crypto wallets

A fourth wave of the "GlassWorm" campaign is targeting macOS developers with malicious VSCode/OpenVSX extensions that deliver ...

Malicious browser extensions hit 4.3M users

Malicious Chrome and Edge extensions collected browsing history, keystrokes and personal data from millions of users before Google and Microsoft removed them.
ZDNet

Malicious extensions can use ChatGPT to steal your personal data - here's how

Browser extensions can use AI prompts to steal your data. All AI LLMs can be exploited, both commercial and internal. LayerX's technology now works with Chrome for Enterprise to protect you. That ...
Dark Reading

Researchers Discover Two Dozen Malicious Chrome Extensions

Researchers at Cato Networks have discovered two dozen malicious Google Chrome browser extensions and 40 associated malicious domains that are being used to introduce adware on victim systems, steal ...
Threat Post

Malicious Google Web Extensions Harvest Cryptowallet Secrets

Several fake browser extensions masqueraded as legitimate cryptocurrency utilities in a snowballing campaign. Large campaigns that are spreading malicious browser extensions are abusing Google Ads and ...