Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability

An analysis of a popular Google Chrome ad block extension for YouTube has uncovered the ability to execute arbitrary JavaScript code. According to Island, the extension, named Adblock for YouTube ID: cmedhionkhpnakcndndgjdbohmhepckk, has more than 10 million installs and carries a Featured badge ...

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

In January 2026, Microsoft Defender Experts identified a new evolution in the ongoing ClickFix campaign. This updated tactic deliberately crashes victims’ browsers and then attempts to lure users into executing malicious commands under the pretext of restoring normal functionality. This variant...

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

In January 2026, Microsoft Defender Experts identified a new evolution in the ongoing ClickFix campaign. This updated tactic deliberately crashes victims’ browsers and then attempts to lure users into executing malicious commands under the pretext of restoring normal functionality. This variant...

$6,000 “Stanley” Toolkit Sold on Russian Forums Fakes Secure URLs in Chrome

Say hello to Stanley, a new malicious toolkit that guarantees bypassing Google’s Chrome Web Store review process...

EUVD-2013-0896

Malware in sbrugna...

Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials

Cybersecurity researchers have demonstrated a novel technique that allows a malicious web browser extension to impersonate any installed add-on. "The polymorphic extensions create a pixel perfect replica of the target's icon, HTML popup, workflows and even temporarily disables the legitimate...

Google Manifest V3 and Malwarebytes Browser Guard

We wanted to update you on some changes that Google’s making, and what we’re doing in Browser Guard to keep you protected. Some of our customers have recently reported seeing messages that say Browser Guard may soon no longer be supported in their browser. Luckily, theres no need for you to worry...

SOC-Multitool - A Powerful And User-Friendly Browser Extension That Streamlines Investigations For Security Professionals

Introducing SOC Multi-tool, a free and open-source browser extension that makes investigations faster and more efficient. Now available on the Chrome Web Store and compatible with all Chromium-based browsers such as Microsoft Edge, Chrome, Brave, and Opera. Now available on Chrome Web Store!...

Google Play’s Data safety section empowers Android users to make informed app choices

Google has launched its new "nutrition labels" for apps, a feature it promised in the spring of 2021. This release came days after the Chrome team released badges for the Chrome Web Store for browser extensions. The company said in a blog post that its rolling out the labels—which it calls the...

What’s New in InsightAppSec and tCell: Q2 2021 in Review

If there’s a theme to InsightAppSec and tCell updates and improvements in the second quarter, it would be “save time by building it into the process.” Building a more efficient process is key in further securing web applications. Can you get it done faster from home? Or is the quickest way to the...

Google Chrome to Help Users Identify Untrusted Extensions Before Installation

Google on Thursday said it's rolling out new security features to Chrome browser aimed at detecting suspicious downloads and extensions via its Enhanced Safe Browsing feature, which it launched a year ago. To this end, the search giant said it will now offer additional protections when users...

WARNING — Hugely Popular 'The Great Suspender' Chrome Extension Contains Malware

Google on Thursday removed The Great Suspender , a popular Chrome extension used by millions of users, from its Chrome Web Store for containing malware. It also took the unusual step of deactivating it from users' computers. "This extension contains malware," read a terse notification from Google...

A week in security (August 3 – 9)

Last week on Malwarebytes Labs, on our Lock and Code podcast, we talked about identity and access management technology. We also wrote about business email compromises to score big, discussed how the Data Accountability and Transparency Act of 2020 looks beyond consent, and we analyzed how the...

500 Malicious Chrome Extensions Impact Millions of Users

Researchers say that 500 Google Chrome browser extensions were discovered secretly uploading private browsing data to attacker-controlled servers, and redirecting victims to malware-laced websites. The browser extensions, all of which have now been removed, were downloaded millions of times from...

Malicious Ad Blockers for Chrome Caught in Ad Fraud Scheme

Google has removed two malicious ad blockers from its Chrome Web Store after a researcher discovered they were carrying out ad fraud and deceived Chrome users by using names of legitimate and popular blockers. Researcher Andrey Meshkov from rival ad blocker maker AdGuard discovered that the...

ExtAnalysis - Browser Extension Analysis Framework

With ExtAnalysis you can : Download & Analyze Extensions From: Chrome Web Store Firefox Addons Analyze Installed Extensions of: Google Chrome Mozilla Firefox Opera Browser Coming Soon Upload and Scan Extensions. Supported formats: .crx .xpi .zip Features of ExtAnalysis : View Basic Informations:...

Tenable IO WAS Chrome Extension

In the comments of the previous post about Tenable IO WAS Fergus Cooney mentioned a new Google Chrome extension for Tenable IO WAS, that should help in configuring scan Authentication setting. You can install it in Chrome Web Store. The idea is great. Authentication process in modern web...

Google Cracks Down on Malicious Chrome Extensions in Major Update

Google on Monday announced major changes to its Chrome Web Store as the company tries to ax the malicious extensions that have continuously popped up on its platform over the years. The array of security improvements include a stricter extension review process, new code-readability requirements...

Google Bans Cryptocurrency Mining Extensions From Chrome Web Store

In an effort to prevent cryptojacking by extensions that maliciously mine digital currencies without users' awareness, Google has implemented a new Web Store policy that bans any Chrome extension submitted to the Web Store that mines cryptocurrency. Over the past few months, we have seen a sudden...

Cisco Patches Critical Flaw in WebEx Chrome Plugin

A vulnerability in the Cisco WebEx Chrome Plugin, used by tens of millions for web conferencing in business environments, exposed computers to remote code execution. Cisco has begun releasing updates that patch the flaw, details of which were disclosed Monday by Google Project Zero researcher Tav...