#session-token-theft

[ follow ]
#browser-extension-supply-chain #shadypanda #spyware-and-rce #saas-security #browser-security
Information security
fromThe Hacker News
1 day ago

A Browser Extension Risk Guide After the ShadyPanda Campaign

Malicious supply-chain hijacking of trusted Chrome and Edge extensions enabled ShadyPanda to convert 4.3M installs into a stealthy RCE spyware and session-token theft campaign.
fromThe Hacker News
3 months ago

When Browsers Become the Attack Surface: Rethinking Security for Scattered Spider

As enterprises continue to shift their operations to the browser, security teams face a growing set of cyber challenges. In fact, over 80% of security incidents now originate from web applications accessed via Chrome, Edge, Firefox, and other browsers. One particularly fast-evolving adversary, Scattered Spider, has made it their mission to wreak havoc on enterprises by specifically targeting sensitive data on these browsers.
Information security
[ Load more ]