Tech expert Kurt “CyberGuy" Knutsson says hackers are embedding dangerous code in Chrome extensions to steal your data.

Hackers have targeted Google Chrome users in a frightening 2FA bypass attack—a full list of impacted extensions has now been published.

The data-loss startup says it was targeted as part of a "wider campaign to target Chrome extension developers."

Other extensions possibly affected include Internxt VPN, VPNCity, Uvoice, and ParrotTalks, as Bleeping Computer writes. Cyberhaven says hackers pushed an update (version 24.10.4) of its Cyberhaven data loss prevention extension containing the malicious code on Christmas Eve at 8:32PM ET.

Cyberhaven, a California-based cyber security firm says it was recently hacked on Christmas Eve, and that the hackers were targeting Chrome extensions. Cyberhaven doesn’t mention what the reasoning for the attack was,

New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise of at least thirty-five extensions to inject data-stealing code, including those from cybersecurity firm Cyberhaven.

The recent cyberattack which hit security firm Cyberhaven and then affected a number of Google Chrome extenions may have been part of a ‘wider campaign’, new research has claimed. A BleepingComputer investigation found the same code was injected into at least 35 Google Chrome extensions,

Criminals have hijacked dozens of popular browser extensions in a bid to target Google Chrome users and steal sensitive data, like passwords. The devastating campaign started last month and shows no sign of slowing.