The "Google Notes" extension, identified by McAfee researchers, operates by requesting broad permissions, including access to all websites, browsing history, and the clipboard, which are unusual for a note-taking application.
This activity is part of a large, multi-language campaign that distributes malicious installer archives hosted on spoofed websites, according to a recent report by The Hacker News.
RustDuck targets a variety of IoT devices, including routers, cameras, and Android set-top boxes, as well as exposed servers running software like ThinkPHP and Jenkins.
The StegoAd campaign employed steganography to hide malicious JavaScript within image and font files, making the extensions appear legitimate and functional.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.