Google Chrome Extension Vulnerability Exposes Millions to 2FA Bypass Attacks
• 1 min read
A sophisticated phishing campaign targeting Chrome extensions has compromised two-factor authentication protection for millions of users since December 2023. The attacks, including a major breach at Cyberhaven, allow hackers to steal and reuse authentication cookies to bypass security measures.
Chrome Extension Breach: Cyberhaven Attack Exposes Millions to Cookie Theft Risk
• 1 min read
A sophisticated phishing attack on Cyberhaven led to the compromise of their Chrome extension, potentially affecting 400,000 corporate customers during the 2023 holiday season. The incident highlights critical vulnerabilities in two-factor authentication systems and the need for enhanced security measures like passkeys.