Fox News Channel offers its audiences in-depth news reporting, along with opinion and analysis encompassing the principles of free people, free markets and diversity of thought, as an alternative to the left-of-center offerings of the news marketplace.
Cybersecurity researchers have uncovered a serious threat hiding inside Google Chrome. Several browser extensions pretend to be helpful tools. In reality, they quietly take over user accounts. These extensions impersonate popular human resources and business platforms such as Workday, NetSuite and SAP SuccessFactors.
Once installed, they can steal login data and block security controls designed to protect users. Many people who installed them had no warning signs that anything was wrong. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter. WHY CLICKING THE WRONG COPILOT LINK COULD PUT YOUR DATA AT RISK The fake Chrome extensions to watch out for Security researchers from Socket's Threat Research Team identified five malicious Chrome extensions connected to this campaign. The add-ons were marketed as productivity or security tools, but were designed to hijack accounts. The extensions include: We reached out to Google, and a spokesperson told CyberGuy that the extensions are no longer available on the Chrome Web Store. However, some are still available on third-party software download sites, which continues to pose a risk. If you see any of these names installed in your browser, remove them immediately. Why malicious Chrome extensions look legitimate These malicious add-ons are designed to look legitimate. They use professional names, polished dashboards and business-focused descriptions. Some claim to offer faster access to workplace tools. Others say they restrict user actions to protect company accounts. Privacy policies often promise that no personal data is collected. For people juggling daily work tasks or managing business accounts, the pitch sounds helpful rather than suspicious. What these extensions actually do After installation, the extensions operate silently in the background. They steal session cookies, which are small pieces of data that tell websites you are already logged in. When attackers get these cookies, they can access accounts without a password. At the same time, some extensions block access to security pages. Users may be unable to change passwords, disable accounts or review login history. One extension even allows criminals to insert stolen login sessions into another browser. That lets them sign in instantly as the victim. Why malicious Chrome extensions are so dangerous This attack goes beyond stealing credentials. It removes the ability to respond. Security teams may detect unusual activity, but cannot fix it through normal controls. Password changes fail. Account settings disappear. Two-factor authentication tools become unreachable. As a result, attackers can maintain access for long periods without being stopped. How to check for these extensions on your computer If you use Google Chrome, review your extensions now. The process only takes a few minutes. Look for unfamiliar names, especially those claiming to offer access to HR platforms or business tools. WEB SKIMMING ATTACKS TARGET MAJOR PAYMENT NETWORKS How to remove suspicious Chrome extensions If you find one of these extensions, remove it immediately. Restart your browser after removal to ensure the extension is fully disabled. If Chrome sync is enabled, repeat these steps on all synced devices before turning sync back on. What to do after removing the extension Removal is only the first step. Change passwords for any accounts accessed while the extension was installed. Use a different browser or device if possible. A password manager can help you create strong, unique passwords for each account and store them securely. This reduces the risk of reused passwords being exploited again. Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials. Check out the best expert-reviewed password managers of 2026 at Cyberguy.com. Finally, review account activity for unfamiliar logins, locations or devices and be sure to follow the steps below to stay safe moving forward. Ways to stay safe going forward Simple habits can significantly reduce your risk. 1) Limit browser extensions Only install extensions you truly need. The fewer extensions you use, the smaller your attack surface becomes. 2) Be cautious with add-ons Avoid extensions that promise premium access or special tools for enterprise platforms. Legitimate companies rarely require browser add-ons for account access. 3) Check permissions carefully Be wary of extensions that request access to cookies, browsing data or account management. These permissions can be abused to hijack sessions. 4) Review extensions regularly Check your browser every few months and remove tools you no longer use or recognize. WHATSAPP WEB MALWARE SPREADS BANKING TROJAN AUTOMATICALLY 5) Use strong antivirus software Strong antivirus software can help detect malicious extensions, block suspicious behavior and alert you to browser-based threats before damage occurs. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com. 6) Consider a data removal service If your work or personal information has been exposed, a data removal service can help reduce your digital footprint by removing your details from data broker sites. This lowers the risk of follow-up scams or identity misuse. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren't cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It's what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com. Get a free scan to find out if your personal information is already out on the web: Cyberguy.com. 7) Avoid third-party download sites Do not reinstall extensions from third-party websites, even if they claim to offer the same features. These sites often host outdated or malicious versions. CLICK HERE TO DOWNLOAD THE FOX NEWS APP Kurt's key takeaways Browser extensions can be useful, but this research shows how easily they can also be abused. These fake Chrome add-ons did not rely on flashy tricks or obvious warnings. They blended in, looked professional and quietly did their damage in the background. The good news is that you do not need to be a tech expert to protect yourself. Taking a few minutes to review your extensions, remove anything unfamiliar and lock down your accounts can make a real difference. Small habits, repeated regularly, go a long way in reducing risk. If there is one takeaway here, it is this: convenience should never come at the cost of security. A clean browser and strong account protections give you back control. How many browser extensions do you have installed right now that you have never looked at twice? Let us know by writing to us at Cyberguy.com. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter. Copyright 2026 CyberGuy.com. All rights reserved.
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
NYC winter storm latestFOX 5 NY's Audrey Puente has the forecast.
Read more »
Google’s Last Minute Offer For Pixel CustomersGoogle has slashed the price of the Pixel 9a in its online store. And the offer might hold the secret... the launch date of the Pixel 10a.
Read more »
NYC snow update: Latest models, updated totalsFOX 5 NY's Mike Woods has the latest on the snowstorm hitting New York City.
Read more »
Winter weather • Woman dies in cold • Earthquake shakes IllinoisThese are the top stories in Fox 32's Week in Review.
Read more »
Chrome And Safari Warning—If You See This, You’re Being HackedThese attacks put your passwords, accounts and data at risk — what to know.
Read more »
Türkiye slams malicious 'Daesh support' allegations as baseless disinformationSocial media posts alleging Turkish 'support' for Daesh terrorists and violence against women are part of a deliberate disinformation campaign, Ankara says.
Read more »