The China-based cyber-threat group has been using malicious extensions on the Google Chrome and Microsoft Edge marketplaces ...

More than 4 million browsers have been infected by a China-based threat actor that published browser extension apps as a ...

A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, ...

A seven-year browser extension campaign has infected 4.3 million Chrome and Edge users. The group responsible, tracked as ...

ShadyPanda spent seven years uploading trusted Chrome and Edge extensions, later weaponizing them for tracking, hijacking, and remote code execution. Learn how the campaign unfolded.

ShadyPanda abused browser extensions for seven years, turning 4.3M installs into a multi-phase surveillance and hijacking ...

Once-trusted Chrome and Edge add-ons have quietly turned into tools for data harvesting, search manipulation, and a ...

A massive “sleeper” malware campaign has infected over 4.3 million users through seemingly legitimate browser extensions.

Malicious extensions occasionally find their way into the Chrome Web Store (and similar libraries in other browsers) by posing as legitimate add-ons. Some of them only morph into malware after gaining ...

A seven-year malicious browser extension campaign infected 4.3 million Google Chrome and Microsoft Edge users with malware, including backdoors and spyware sending people's data to servers in China.