Phishing Campaign Makes Use of SingleFile Browser Extension Tool to Obfuscate Malicious Activity
In a recent phishing campaign, fraudsters used a legitimate browser extension tool called SingleFile to obfuscate their attacks and remain undetected.
Razy Trojan Installs Malicious Browser Extensions to Steal Cryptocurrency
Security researchers observed the Razy Trojan installing malicious extensions across multiple web browsers to steal cryptocurrency.
Thousands of Websites Load Cryptocurrency Miner After Cybercriminals Compromise Third-Party Library
Cybercriminals altered Texthelp's Browsealoud web screen reader to install a cryptocurrency miner on many high-profile websites, including government sites in the U.S. and U.K.
Opera Offers First Built-In Cryptojacking Protection Tool
The beta version of Opera 50 is the first major browser to offer a built-in mechanism that blocks cryptojacking, a new form of malware that leverages a victim's CPU to mine cryptocurrency.
WoT Privacy Breach: Trust Tanks as Browser Add-On Caught Selling User Data
The WoT privacy breach highlights the commonplace nature of third-party data selling and frequent failure to read the fine print in user agreements.
Firefox Extensions Can Be Reused as Attack Vectors
Two researchers recently described how Firefox extensions can be leveraged for malicious purposes without triggering Mozilla security warnings.
AVG Chrome Extension Takes Things Too Far With Poor APIs
Subpar APIs in one of AVG's Chrome extensions could wind up exposing user browsing history or even turn the extension into a vessel for malware.