Christmas Eve attack sees Cyberhaven Chrome extension hit Some data could have been exfiltrated, Cyberhaven systems secure Users are being told to change their passwords Cyberhaven has confirmed its Google Chrome extension was the subject of a Christmas Eve cyberattack,

New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise of at least thirty-five extensions to inject data-stealing code, including those from cybersecurity firm Cyberhaven.

The data-loss startup says it was targeted as part of a "wider campaign to target Chrome extension developers."

A hacker phished a Cyberhaven employee to upload a malicious version of the company's Chrome extension, but it may not be the only victim.

Multiple Chrome browser extensions have been hijacked by hackers in recent months to steal data from their users.

Cyberhaven and other Chrome extensions were compromised in a supply chain attack targeting Facebook advertising users.

Cookies stored in Chrome let hackers bypass the 2FA requirement, as the browser showed users to already be authenticated. Yes, it’s convenient for you not to have to get a code constantly, but it’s also a quick way for hackers to get into your accounts.

The publishers of browser extensions on the Google Chrome Web Store were reportedly targeted via a phishing campaign.