The Chrome Web Store has been infested with dozens of malicious browser extensions claiming to provide AI assistant functionality but that secretly are siphoning off personal information from victims.

Despite ongoing efforts by Google to tighten security, malicious browser extensions continue to find their way onto the Chrome Web Store — and into users’ ...

Over 260,000 users installed fake AI Chrome extensions that used iframe injection to steal browser and Gmail data, exposing ...

Google has issued a patch for a high-severity flaw that has been actively exploited in the wild—the first Chrome zero-day in ...

Stop using standard VS Code ...

More than 300 Chrome extensions were found to be leaking browser data, spying on users, or stealing user information.

Hundreds of popular add‑ons used encrypted, URL‑sized payloads to send search queries, referrers, and timestamps to outside servers, in some cases tied to data brokers and unknown operators.

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...

Tens of thousands of people have downloaded what they believed were useful AI tools for their browsers, only to give hackers a direct path into their most private online activity, including emails.

Criminals are pushing surveillance tools into the Google Chrome Web Store ...

ZDNET experts put every product through rigorous testing and research to curate the best options for you. If you buy through our links, we may earn a commission. Learn Our Process 'ZDNET Recommends': ...

Three of the four vulnerabilities remained unpatched months after OX Security reported them to the maintainers.