Breach cyber

Cyberhaven

Jan 1, 2025 1 min read
Cyberhaven

Cyberhaven fell victim to a supply chain attack when threat actors compromised at least 16 Chrome browser extensions, one of which was Cyberhaven's own Chrome extension. This incident led to the exposure of data for over 600,000 users. Upon stealing an employee's credentials via phishing on December 24, attackers pushed a malware-infested version to the Chrome Web Store. The malicious extension harvested cookies and access tokens. Version 24.10.4 of the Cyberhaven extension was compromised, affecting users who updated their extensions between December 25 and 26. The intrusion was identified swiftly and addressed within an hour, but it was part of a larger campaign aimed at Facebook Ads users.

Source: https://securityaffairs.com/172491/hacking/chrome-browser-extensions-compromise.html

"id": "cyb000010125",
"linkid": "cyberhaven",
"type": "Breach",
"date": "12/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

Microsoft

public 1 min read
Microsoft faced privacy concerns regarding their newly launched AI feature named Recall. Recall captures screenshots every five seconds to assist…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.