India, Feb. 28 -- Many of the most popular Chrome extensions were hijacked, and 3.2 million users worldwide would be exposed to this massive data breach. The attacks started in mid-December 2024 by pushing malicious updates to users through popular browser add-ons and involved theft, malware infections, and 2FA bypass.

The incident highlights the browser extensions security vulnerabilities and raises big questions about user and data safety.

Researchers found the large-scale attack saw 35 Chrome extensions taken over. They had most of the affected extensions with millions of downloads, including:

AI/LLM tools

Free VPN services

Ad blockers and other privacy-focused extensions.

You could make a case for the Cyberhaven Extension, a nex...