ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware

Updated on December 1, 2025

A threat actor known as ShadyPanda has been linked to a seven-year-long browser extension campaign that has amassed over 4.3 million installations over time.
Five of these extensions started off as legitimate programs before malicious changes were introduced in mid-2024, according to a report from Koi Security, attracting 300,000 installs. These extensions have since been taken down.
“These…

Read the rest of the story at Read More

Source: The Hacker News

November 5, 2024 Uncategorized

Leveraging Wazuh for Zero Trust security

November 4, 2025 Uncategorized

U.S. Prosecutors Indict Cybersecurity In...

December 6, 2025 Uncategorized

ShadyPanda Turns Popular Browser Extensions with 4.3 Million Installs Into Spyware

Related posts

Leveraging Wazuh for Zero Trust security

U.S. Prosecutors Indict Cybersecurity In...

Researchers Uncover 30+ Flaws in AI Codi...

Leave a Comment Cancel reply

Recent News

MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors

Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime

China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines

Russian APT28 Runs Credential-Stealing Campaign Targeting Energy and Policy Organizations

Cybersecurity Predictions 2026: The Hype We Can Ignore (And the Risks We Can’t)

Trend Micro Apex Central RCE Flaw Scores 9.8 CVSS in On-Prem Windows Versions

CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

FBI Warns North Korean Hackers Using Malicious QR Codes in Spear-Phishing

WhatsApp Worm Spreads Astaroth Banking Trojan Across Brazil via Contact Auto-Messaging

China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes