TechNaduFeb 23

Proton Reports Malicious Proton VPN Impersonators in Chrome Web Store

Impact reportedly included:
• Credential harvesting
• Personal data collection
• Potential traffic relay
• Abuse of brand trust
Repeated reporting allegedly led to delayed removal.

Security takeaways:
• Extension ecosystems remain high-risk
• Search-based brand targeting is effective for attackers
• Store review latency increases exposure window

Community question:
Should browser vendors implement stricter publisher verification or cryptographic signing tied to corporate identity?

Source: https://cyberinsider.com/proton-warns-of-malicious-chrome-extensions-impersonating-its-vpn-service/

Engage below and follow @technadu for threat ecosystem analysis and digital trust reporting.

#ThreatIntel #BrowserSecurity #ExtensionSecurity #ProtonVPN #CyberRisk #AppStoreSecurity #Infosec #MalwareResearch

Manuel BisseyJan 29

Fake ChatGPT browser extensions are stealing login credentials — AI hype is being weaponized to hijack accounts. Install less, verify more. 🧩⚠️ #ExtensionSecurity #CredentialTheft

https://www.bitdefender.com/en-us/blog/hotforsecurity/beware-fake-chatgpt-browser-extensions-are-stealing-your-login-credentials

Beware! Fake ChatGPT browser extensions are stealing your login credentials

If you've installed a browser extension to enhance your ChatGPT experience, you might want to think again.

Hot for Security
eqtvJan 13

Tips from Nadiyno.org: whether or not to install browser extensions

https://peertube.eqver.se/w/jxFb8iH6DBhpUZxgraPhiB

Tips from Nadiyno.org: whether or not to install browser extensions

PeerTube
TechLİfeJan 6

AI-Powered Code Editors Could Have Become Malware Delivery Machines: Here's What Happened

https://techlife.blog/posts/vscode-forks-extension-vulnerability/

#VSCode #Cursor #Windsurf #OpenVSX #SupplyChainAttack #ExtensionSecurity #DeveloperTools #Cybersecurity

AI-Powered Code Editors Could Have Become Malware Delivery Machines: Here's What Happened

Security researchers discover that popular AI coding tools like Cursor and Windsurf were vulnerable to a sneaky supply chain attack through fake extension recommendations

TechLife
Manuel BisseyDec 24

Two Chrome extensions were caught secretly collecting user data — privacy threats don’t always look malicious. Scrutinize what you install. 🧩🔍 #BrowserPrivacy #ExtensionSecurity

https://thehackernews.com/2025/12/two-chrome-extensions-caught-secretly.html

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites

Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.

The Hacker News
Manuel BisseyDec 5

ShadyPanda is hijacking popular browser extensions to spy on users — turning everyday tools into covert surveillance channels. Trust no add-on without validation. 🧩🕵️‍♂️ #ExtensionSecurity #MalwareCampaign

https://thehackernews.com/2025/12/shadypanda-turns-popular-browser.html

ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware

ShadyPanda abused browser extensions for seven years, turning 4.3M installs into a multi-phase surveillance and hijacking campaign.

The Hacker News
Manuel BisseyDec 2

ShadyPanda extensions racked up 43M installs — turning convenience into mass surveillance. Even “helpful” add-ons can hide hostile code. 🧩⚠️ #ExtensionSecurity #MalwareCampaign

https://www.bleepingcomputer.com/news/security/shadypanda-browser-extensions-amass-43m-installs-in-malicious-campaign/

ShadyPanda browser extensions amass 4.3M installs in malicious campaign

A long-running malware operation known as "ShadyPanda" has amassed over 4.3 million installations of seemingly legitimate Chrome and Edge browser extensions that evolved into malware.

BleepingComputer