Cyberhaven, a California-based cyber security firm says it was recently hacked on Christmas Eve, and that the hackers were targeting Chrome extensions. Cyberhaven doesn’t mention what the ...

The malicious extension, available as version 24.10.4, was available for 31 hours, from December 25 at 1:32 AM UTC to Dec 26 at 2:50 AM UTC. Chrome browsers actively running Cyberhaven during that ...

The Chrome Web Store shows the Cyberhaven extension has around 400,000 corporate customer users at the time of writing. When asked by TechCrunch, Cyberhaven declined to say how many affected ...

The first company to shed light on the campaign was cybersecurity firm Cyberhaven ... malicious extensions are published and pass the Chrome Web Store's security review, they are made available ...

Although initial reports focused on Cyberhaven's security-focused extension ... phishing email than usual that we got that stated a Chrome Extension policy violation of the form: 'Unnecessary ...

In a blog post, Cyberhaven explained that once the necessary permissions had been granted, the hacker in question then uploaded a malicious Chrome extension to the Chrome Web Store from the ...

Hackers have targeted Google Chrome users in a frightening 2FA bypass attack—a full list of impacted extensions has now been published.

"Our team has confirmed a malicious cyberattack that occurred on Christmas Eve, affecting Cyberhaven's Chrome extension," the company stated. "Public reports suggest this attack was part of a ...

Ironically, cybersecurity firm Cyberhaven is a startup which provides a Google Chrome extension aimed at preventing sensitive data loss from unapproved platforms, such as Facebook or ChatGPT.

On December 25th, 2024, a malicious version of Cyberhaven’s browser extension was published on the Chrome Store that allowed the attacker to hijack authenticated sessions and exfiltrate ...