GLOBAL SITUATIONMONITORING

517 published briefsUTCSun, Apr 26 01:49:07

Intelligence Tag

browser extension malware

Tag for malicious browser extension incidents

1 intelligence brief← Intelligence Hub

Chrome extensions turned malicious after ownership transfer, pushing code injection and fake updates

Two Chrome extensions, QuickLens and ShotBird, turned malicious after ownership changes, enabling attackers to inject arbitrary code, strip security headers, display fake Chrome update prompts, and steal sensitive data from downstream users.

Peter Chofield

Mar 16, 2026

2–3 minutes