GLOBAL SITUATIONMONITORING

517 published briefsUTCSat, May 16 09:22:16

Intelligence Tag

browser extension malware

Tag for malicious browser extension incidents

1 intelligence brief← Intelligence Hub

Chrome extensions turned malicious after ownership transfer, pushing code injection and fake updates

Two Chrome extensions, QuickLens and ShotBird, turned malicious after ownership changes, enabling attackers to inject arbitrary code, strip security headers, display fake Chrome update prompts, and steal sensitive data from downstream users.

Peter Chofield

Mar 16, 2026

2–3 minutes