India, Dec. 4 -- A long-running malware campaign has turned browser extensions on Chrome and Edge into spyware, affecting more than 4 million users, according to a report by Koi Security. The operation, known as ShadyPanda, used updates to legitimate extensions to introduce harmful features over time.

Microsoft confirmed that it has removed all flagged extensions from the Edge Add-ons store. "When we find content that violates our policies, we remove it or end the publishing agreement," a spokesperson said.

ShadyPanda involved 20 extensions on the Chrome Web Store and 125 on Edge. The first extensions appeared in 2018, but malicious behaviour did not emerge until 2023, when tools posing as wallpapers or productivity apps began injecting...