New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise of at least thirty-five extensions to inject data-stealing code, including those from cybersecurity firm Cyberhaven.

Christmas Eve attack sees Cyberhaven Chrome extension hit Some data could have been exfiltrated, Cyberhaven systems secure Users are being told to change their passwords Cyberhaven has confirmed its Google Chrome extension was the subject of a Christmas Eve cyberattack,

The data-loss startup says it was targeted as part of a "wider campaign to target Chrome extension developers."

Multiple Chrome browser extensions have been hijacked by hackers in recent months to steal data from their users.

A hacker phished a Cyberhaven employee to upload a malicious version of the company's Chrome extension, but it may not be the only victim.

Cyberhaven and other Chrome extensions were compromised in a supply chain attack targeting Facebook advertising users.

Other extensions possibly affected include Internxt VPN, VPNCity, Uvoice, and ParrotTalks, as Bleeping Computer writes. Cyberhaven says hackers pushed an update (version 24.10.4) of its Cyberhaven data loss prevention extension containing the malicious code on Christmas Eve at 8:32PM ET.

The publishers of browser extensions on the Google Chrome Web Store were reportedly targeted via a phishing campaign.