news 
Cyberhaven Says Hacked to Publish Malicious Update to Chrome Extension
Data-loss prevention startup Cyberhaven has confirmed that hackers have published a malicious update to its Chrome extension, which could potentially steal customer passwords and session tokens.
According to the company’s statement, the attack was part of a larger campaign targeting Chrome extension developers across various companies. Cyberhaven claims it is working with federal law enforcement agencies to investigate the incident.
The compromised account allowed attackers to publish a malicious update to Cyberhaven’s Chrome extension, which has tens of thousands of users. The exact impact of this attack remains unclear at present.
While details about the company’s internal security measures are scarce, Cyberhaven mentioned that it is launching an internal review and strengthening its security practices in response to the incident.
It is essential for all extensions’ users to be aware of this development and check their extension updates regularly.
Source: techcrunch.com
