A cyberattack campaign inserted malicious code into multiple Chrome browser extensions as far back as mid-December, Reuters reported yesterday. The code appeared designed to steal browser cookies and authentication sessions, targeting “specific social media advertising and AI platforms,” according to a blog post from Cyberhaven, one of the companies that was targeted.
Cyberhaven blames a phishing email for the attack, writing in a separate technical analysis post that the code appeared to…
