Other extensions possibly affected include Internxt VPN, VPNCity, Uvoice, and ParrotTalks, as Bleeping Computer writes. Cyberhaven says hackers pushed an update (version 24.10.4) of its Cyberhaven data loss prevention extension containing the malicious code on Christmas Eve at 8:32PM ET.

The attack began after a hacker successfully targeted a Cyberhaven employee via a phishing email that was sent to Chrome extension developers. The employee, believing the email was an official Google contact, clicked the email and input their login credentials on the phishing page.

Multiple Chrome browser extensions have been hijacked by hackers in recent months to steal data from their users.

A hacker phished a Cyberhaven employee to upload a malicious version of the company's Chrome extension, but it may not be the only victim.

Hackers have compromised several popular Chrome extensions with hundreds of thousands of users, TechCrunch reported today. One of the affected extensions is developed by Cyberhaven Inc., a venture-backed cybersecurity provider. The company confirmed the incident in a statement.

Hackers have compromised several different companies' Chrome browser extensions in a series of intrusions dating back to mid-December, according to one of the victims and experts who have examined the campaign.

Cyberhaven, a California-based cyber security firm says it was recently hacked on Christmas Eve, and that the hackers were targeting Chrome extensions. Cyberhaven doesn’t mention what the reasoning for the attack was,

A significant breach of popular Google Chrome extensions, including Cyberhaven, has exposed sensitive user data. Learn how the attack unfolded and how to secure your browser.

When Chrome flagged an extension for malware, it triggered hours of cleanup. Learn how to check your extensions, clear malware, and keep your browser secure for the future.