
Cyberhaven Says It Was Hacked to Publish Malicious Update to Its Chrome Extension
Data-loss prevention startup Cyberhaven has been hacked and a malicious update was published to its Chrome extension, potentially stealing customer passwords and session tokens.
The company has confirmed the incident in a brief statement, saying that it has “initiated a comprehensive review of our security practices and will be implementing additional safeguards based on our findings.”
According to reports, the attack appears to be part of a wider campaign targeting Chrome extension developers across multiple companies. Cyberhaven’s hacked extension, which is used by thousands of users, was designed to prevent data breaches and secure online interactions.
The company has hired incident response firm Mandiant to investigate the breach and is actively cooperating with federal law enforcement agencies. It did not provide further details on how its account was compromised or what security measures were in place at the time of the attack.
Jaime Blasco, co-founder and CTO of Nudge Security, suggests that the attackers may have targeted extension developers based on their credentials, rather than Cyberhaven specifically. “It seems it wasn’t targeted against Cyberhaven, but rather opportunistically targeting extension developers,” he said in a statement.
Blasco also claims that several other Chrome extensions were compromised as part of the same campaign, with tens of thousands of users affected. He believes that these attacks may have taken place earlier this year and involved AI-related, productivity-focused, and VPN-based extensions.
The incident highlights the importance of robust security measures for extension developers, particularly in the increasingly complex landscape of web-based applications. Cyberhaven has not provided any information on whether customer data was compromised or if users need to take any immediate action to protect their accounts.
As the investigation continues, Cyberhaven is working with Mandiant and law enforcement agencies to identify the perpetrators and prevent future attacks.
Source: techcrunch.com