🟡 CVE-2025-4021: A vulnerability was found in c... 🟡 CVE-2025-4020: A vulnerability was found in P... 🟡 CVE-2025-32472: The multiScan and picoScan are... 🟡 CVE-2025-4019: A vulnerability, which was cla... 🟡 CVE-2025-4018: A vulnerability, which was cla... 🟡 CVE-2025-4017: A vulnerability classified as ... 🟡 CVE-2025-4016: A vulnerability classified as ... 🟡 CVE-2025-4015: A vulnerability was found in 2... 🟡 CVE-2025-4014: A vulnerability was found in P... 🔥 CVE-2025-3200: An unauthenticated remote atta... 🟡 CVE-2025-4013: A vulnerability was found in P... 🟡 CVE-2025-4012: A vulnerability was found in p... 🟡 CVE-2025-4011: A vulnerability has been found... ⚠️ CVE-2025-42598: Multiple SEIKO EPSON printer d... 🟡 CVE-2025-39367: Missing Authorization vulnerab... 🟢 CVE-2025-32471: The device’s passwords have no... ⚠️ CVE-2025-32470: A remote unauthenticated attac... ⚠️ CVE-2025-4007: A vulnerability classified as ... ⚠️ CVE-2025-22235: EndpointRequest.to() creates a... 🟡 CVE-2025-4006: A vulnerability classified as ... 🟡 CVE-2025-4005: A vulnerability was found in P... 🟡 CVE-2025-4004: A vulnerability was found in P... 🟡 CVE-2025-4003: A vulnerability was found in R... 🟡 CVE-2025-4002: A vulnerability was found in R... 🟡 CVE-2025-4001: A vulnerability has been found... 🟡 CVE-2025-4000: A vulnerability, which was cla... 🟡 CVE-2025-3999: A vulnerability, which was cla... 🟡 CVE-2025-3998: A vulnerability classified as ... 🟡 CVE-2025-3997: A vulnerability classified as ... 🟡 CVE-2025-3996: A vulnerability was found in T... 🟡 CVE-2025-3706: The eHRMS from 104 Corporation... 🟡 CVE-2025-3995: A vulnerability was found in T... 🟡 CVE-2025-3994: A vulnerability was found in T... ⚠️ CVE-2025-3993: A vulnerability was found in T... ⚠️ CVE-2025-3992: A vulnerability has been found... ⚠️ CVE-2025-3991: A vulnerability, which was cla... 🟡 CVE-2025-31144: Quick Agent V3 and Quick Agent... ⚠️ CVE-2025-27937: Quick Agent V3 and Quick Agent... 🔥 CVE-2025-26692: Quick Agent V3 and Quick Agent... ⚠️ CVE-2025-3990: A vulnerability, which was cla... ⚠️ CVE-2025-3989: A vulnerability classified as ... 🟡 CVE-2025-46690: Ververica Platform 2.14.0 allo... 🟡 CVE-2025-46689: Ververica Platform 2.14.0 cont... ⚠️ CVE-2025-3988: A vulnerability classified as ... 🟡 CVE-2025-3987: A vulnerability was found in T... 🟡 CVE-2025-3986: A vulnerability was found in A... 🟡 CVE-2025-3985: A vulnerability was found in A... 🟡 CVE-2025-46688: quickjs-ng through 0.9.0 has a... 🟡 CVE-2025-46687: quickjs-ng through 0.9.0 has a... 🟢 CVE-2025-3984: A vulnerability was found in A... 🟡 CVE-2025-3983: A vulnerability has been found... 🟡 CVE-2025-3982: A vulnerability, which was cla... 🟡 CVE-2025-3981: A vulnerability, which was cla... 🟢 CVE-2025-2866: Improper Verification of Crypt... 🟡 CVE-2025-3980: A vulnerability classified as ... 🟡 CVE-2025-3979: A vulnerability classified as ... 🟡 CVE-2025-3978: A vulnerability was found in d... 🟡 CVE-2025-3977: A vulnerability was found in i... ⚠️ CVE-2025-46657: Karaz Karazal through 2025-04-... 🟡 CVE-2025-3976: A vulnerability was found in P... 🟡 CVE-2025-3975: A vulnerability was found in S... 🟡 CVE-2025-3974: A vulnerability has been found... 🟡 CVE-2025-3973: A vulnerability, which was cla... 🟡 CVE-2025-3972: A vulnerability, which was cla... 🟡 CVE-2025-3971: A vulnerability classified as ... 🟡 CVE-2025-3970: A vulnerability classified as ... 🟡 CVE-2025-3969: A vulnerability was found in c... 🟡 CVE-2025-3968: A vulnerability was found in c... 🟡 CVE-2025-3967: A vulnerability was found in i... 🟡 CVE-2025-3886: An issue in CatoNetworks CatoC... 🟡 CVE-2025-3966: A vulnerability was found in i... 🟡 CVE-2025-3965: A vulnerability has been found... 🟡 CVE-2025-3964: A vulnerability, which was cla... 🟡 CVE-2025-3963: A vulnerability, which was cla... 🟡 CVE-2024-52888: For an authenticated end-user ... 🟢 CVE-2024-52887: Authenticated end-user may set... 🟡 CVE-2025-3962: A vulnerability classified as ... 🟡 CVE-2025-3961: A vulnerability classified as ... 🟡 CVE-2025-3960: A vulnerability was found in w... 🟡 CVE-2025-3959: A vulnerability was found in w... 🟡 CVE-2025-3958: A vulnerability was found in w... 🟡 CVE-2025-3957: A vulnerability was found in o... 🟡 CVE-2025-3956: A vulnerability has been found... ⚠️ CVE-2025-46580: There is a code-related vulner... ⚠️ CVE-2025-46579: There is a DDE injection vulne... 🟡 CVE-2025-46578: There are SQL injection vulner... 🟡 CVE-2025-46577: There is a SQL injection vulne... 🟡 CVE-2025-46576: There is a Permission Manageme... 🟡 CVE-2025-46575: There is an information disclo... 🟡 CVE-2025-46574: There is an information disclo... 🟢 CVE-2025-46675: In NASA CryptoLib before 1.3.2... 🟢 CVE-2025-46674: NASA CryptoLib before 1.3.2 us... 🟡 CVE-2025-46673: NASA CryptoLib before 1.3.2 do... 🟢 CVE-2025-46672: NASA CryptoLib before 1.3.2 do... 🟡 CVE-2025-3955: A vulnerability, which was cla... 🟢 CVE-2025-46656: python-markdownify (aka markdo... 🟡 CVE-2025-3954: A vulnerability, which was cla... 🟡 CVE-2025-46655: CodiMD through 2.5.4 has a CSP... 🟡 CVE-2025-46654: CodiMD through 2.2.0 has a CSP... 🟢 CVE-2025-46653: Formidable (aka node-formidabl...
Recent Chrome Extension Hacks Highlight Browser Security Risks

By Cybersecurity Team on

Recent Chrome Extension Hacks Highlight Browser Security Risks

In December 2024, a series of cyberattacks compromised several Chrome browser extensions, exposing users to data theft and other security risks. These incidents underscore the vulnerabilities inherent in browser extensions and the need for heightened vigilance among users and developers.

The Cyberhaven Breach

On December 24, 2024, Cyberhaven, a data protection company, reported that its Chrome extension had been compromised. Attackers managed to publish a malicious update (version 24.10.4) that was active for approximately 25 hours before being removed. This update enabled the exfiltration of sensitive user data, including authenticated sessions and cookies, to a rogue domain. Cyberhaven promptly released a clean update (version 24.10.5) and has been cooperating with federal law enforcement to address the breach.

Wider Implications

Security researcher Jaime Blasco identified that this attack was part of a broader campaign targeting multiple Chrome extensions, including those related to artificial intelligence and virtual private networks (VPNs). The attackers appeared to be opportunistically compromising extensions to collect sensitive data across various platforms, rather than targeting specific organizations.

Recommendations for Users

In light of these events, users are advised to:

  • Regularly review installed browser extensions and remove any that are unnecessary or unfamiliar.
  • Ensure all extensions are updated to their latest versions, as developers often release patches to address security vulnerabilities.
  • Be cautious when granting permissions to extensions, especially those requesting access to sensitive data or extensive browser capabilities.
  • Consider using reputable security software to detect and prevent malicious activities associated with compromised extensions.

Recommendations for Developers

Extension developers should implement robust security measures to protect their extensions from unauthorized access, including:

  • Employing strong authentication mechanisms to prevent account compromises.
  • Regularly auditing code and dependencies for vulnerabilities.
  • Monitoring for suspicious activities related to their extensions and responding promptly to potential security incidents.

Conclusion

The recent compromises of Chrome extensions highlight the importance of maintaining rigorous security practices for both users and developers. Staying informed and vigilant can significantly reduce the risks associated with browser extension vulnerabilities.

Sources

Back to Posts