A long-running campaign by a group called ShadyPanda has infected 4.3 million users of Chrome and Edge with spyware hidden in legitimate-looking browser extensions. Some of these extensions, still available on the Edge store, allow attackers to track user behavior and steal sensitive data. Researchers warn that the infrastructure for attacks remains active even after the extensions have been removed.

FreeVPN.One, initially a trusted VPN, has been caught secretly capturing users' screens and sensitive information without consent through a series of updates that expanded its permissions and functionality. Despite claiming to protect user privacy, the extension employs deceptive practices to surveil users, raising serious concerns about security in browser marketplaces. The article highlights the risks associated with malicious extensions and the need for better oversight in software security.