A malicious extension campaign hit 4.3M users. See how ShadyPanda worked and the steps you should take to protect your browser and data.

More than 4 million browsers have been infected by a China-based threat actor that published browser extension apps as a ...

Malicious extensions occasionally find their way into the Chrome Web Store (and similar libraries in other browsers) by posing as legitimate add-ons. Some of them only morph into malware after gaining ...

Google Chrome is introducing a new security architecture designed to protect upcoming agentic AI browsing features powered by Gemini. A long-running malware operation known as "ShadyPanda" has amassed ...

A major browser security incident has come to light after researchers revealed that millions of users were unknowingly spied ...

Chinese hackers turned 4.3 million trusted browser extensions into spyware, capturing every click and search through routine ...

ShadyPanda spent seven years uploading trusted Chrome and Edge extensions, later weaponizing them for tracking, hijacking, and remote code execution. Learn how the campaign unfolded.

According to researchers at cybersecurity firm Koi, a China-based hacking syndicate known as ShadyPanda is actively ...

A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, ...

Millions of users have been affected by a spyware campaign that has hijacked popular browser extensions. Here’s how it works and how to stay safe.

ShadyPanda is a dangerous new malware campaign that spent years turning browser extensions into spyware.

A massive “sleeper” malware campaign has infected over 4.3 million users through seemingly legitimate browser extensions.