Cybersecurity firm Cyberhaven was targeted in a large-scale malware attack, infecting 400k users through their Chrome extension. The attack began with a phishing email sent to a Cyberhaven administrator. The firm then released a malicious version of the extension, which inadvertently spread to users. The hack enabled the theft of users’ sensitive data. Subsequent investigations discovered dozens of other Chrome extensions with the same malicious code, affecting over one million computers.

Hackers are selling counterfeit phones with crypto-stealing malware
Kaspersky has identified thousands of low-cost Android smartphones sold online that come with preinstalled malware programmed to steal cryptocurrency details. The devices are infected with