Cyberhaven’s Chrome extension was manipulated with a phishing email sent to developers. Following the incident, it transpired that another 19 Chrome extensions had been compromised, affecting 1.46 million downloads. The earliest compromise dates back to May 2024. The successful attacks were due to ineffective management and monitoring of browser extensions as part of company’s security programs. The breach seemingly has its roots in a code library used by developers to monetise their extensions.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is