GhostPoster attacks hide malicious JavaScript in Firefox addon logos

A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions counting more ...
CSO Online

‘Featured’ Urban VPN caught stealing private AI chats

The browser extension injects scripts to capture AI prompts and responses even when the VPN features are disabled.