How can an extension change hands with no oversight?

Google patches two actively exploited Chrome vulnerabilities that could allow attackers to crash browsers or run malicious code. Billions of users urged to update.

Many Chrome extensions start as small developer projects, and once they gain users, are sold on. But what if the new owner turns out to be a bad actor who gains the ability to update software running ...

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

Millions installed 'productivity' Chrome extensions that became malware after acquisition. Here's how browser extensions became enterprise security's weakest link.

PCWorld reports that 30 malicious Chrome extensions disguised as AI tools like ChatGPT and Gemini successfully stole passwords and sensitive data from over 260,000 users. These fake extensions ...

The Chrome Web Store has been infested with dozens of malicious browser extensions claiming to provide AI assistant functionality but that secretly are siphoning off personal information from victims.

Hundreds of popular add‑ons used encrypted, URL‑sized payloads to send search queries, referrers, and timestamps to outside servers, in some cases tied to data brokers and unknown operators. An ...

eSpeaks’ Corey Noles talks with Rob Israch, President of Tipalti, about what it means to lead with Global-First Finance and how companies can build scalable, compliant operations in an increasingly ...

agent-browser gave AI agents eyes into the browser. agent-crx does the same for Chrome extensions -- your agent can see console output, network requests, DOM state with interactive element refs, take ...

2026 research by Incogni found that a lot of Google Chrome’s extensions collect user data. The most intrusive types are programming and writing assistants. Grammarly and Quillbot are very risky tools ...