Hackers exploit Google Chrome extensions to bypass two-factor authentication

A recent attack has confirmed that hackers can bypass two-factor authentication (2FA) for Google Chrome users by compromising browser extensions. This ongoing campaign has affected millions, with a notable incident involving Cyberhaven's extension on December 24. The attack allowed hackers to publish a malicious version of Cyberhaven's extension, which was active for about 24 hours. Users of the compromised version could have their session cookies stolen, potentially exposing them to unauthorized access on targeted websites. Cyberhaven has since removed the malicious extension and deployed a secure update. Users are advised to ensure they are using the latest version of the extension to protect against these vulnerabilities.