Browser extensions are under attack from hackers who are adding malicious code to them in order to steal cookies and credentials from Chrome users.

Multiple Chrome browser extensions have been hacked, allowing attackers to steal the data they handle, security experts have warned. Subverted extensions include a

Other extensions possibly affected include Internxt VPN, VPNCity, Uvoice, and ParrotTalks, as Bleeping Computer writes. Cyberhaven says hackers pushed an update (version 24.10.4) of its Cyberhaven data loss prevention extension containing the malicious code on Christmas Eve at 8:32PM ET.

Christmas Eve attack sees Cyberhaven Chrome extension hit Some data could have been exfiltrated, Cyberhaven systems secure Users are being told to change their passwords Cyberhaven has confirmed its Google Chrome extension was the subject of a Christmas Eve cyberattack,

The data-loss startup says it was targeted as part of a "wider campaign to target Chrome extension developers."

A significant breach of popular Google Chrome extensions, including Cyberhaven, has exposed sensitive user data. Learn how the attack unfolded and how to secure your browser.

A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft.

The publishers of browser extensions on the Google Chrome Web Store were reportedly targeted via a phishing campaign.

By Raphael Satter and AJ Vicens -Hackers have compromised several different companies' Chrome browser extensions in a series of intrusions dating back to mid-December, according to one of the victims and experts who have examined the campaign.

Cyberhaven, a California-based cyber security firm says it was recently hacked on Christmas Eve, and that the hackers were targeting Chrome extensions. Cyberhaven doesn’t mention what the reasoning for the attack was,