MEDIUMMalware
Global

108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users

·Source: Graham Cluley

Updated:

Executive Summary

Cybersecurity researchers have revealed that 108 malicious Google Chrome extensions have been quietly stealing user credentials, hijacking Telegram sessions, and injecting unwanted ads and scripts into browsers - all reporting back to the same central point. Read more in my article on the Hot for Security blog.

Analysis

Cybersecurity researchers have revealed that 108 malicious Google Chrome extensions have been quietly stealing user credentials, hijacking Telegram sessions, and injecting unwanted ads and scripts into browsers - all reporting back to the same central point. Read more in my article on the Hot for Security blog.
Source Attribution

Originally published by Graham Cluley on Apr 15, 2026.

Related Threats

LOWMalware

U.S. authorities conduct cyber operations as part of global crackdown on DDoS-for-hire services

ANCHORAGE, Alaska – The U.S. Justice Department today announced court-authorized actions taken to disrupt some of the world’s leading Distributed Denial of Service (DDoS) Internet of Things (IoT) botnet services. U.S. authorities continue to focus resources on charging DDoS botnet administrators and seizing infrastructure, like websites, that allow paying users to launch powerful DDoS attacks....

DataBreaches.net
MEDIUMMalware

ZionSiphon Malware Targets ICS in Water Facilities

The malware is configured to operate on systems associated with Israeli water treatment and desalination plants. The post ZionSiphon Malware Targets ICS in Water Facilities appeared first on SecurityWeek .

SecurityWeek
MEDIUMMalware

ZionSiphon malware designed to sabotage water treatment systems

A new malware called ZionSiphon, specifically designed for operational technology, is targeting water treatment and desalination environments to sabotage their operations. [...]

BleepingComputer