https://blog.sekoia.io/targeted-supply-chain-attack-against-chrome-browser-extensions
A sophisticated supply chain attack has targeted Chrome extension developers, compromising dozens of extensions and potentially impacting millions of users.
The campaign involved phishing emails impersonating official Chrome Web Store communications. These emails lured developers into granting access to a malicious OAuth app, allowing attackers to upload compromised versions of their extensions.
The attack, which may have been ongoing since at least December 2023, targeted sensitive data like API keys and session cookies from services like ChatGPT and Facebook for Business.
While many compromised extensions have been removed from the Chrome Web Store, and developers have released updates, the full extent of the damage remains unclear.
This incident highlights the critical importance of robust security measures for developers and the need for constant vigilance against evolving phishing tactics.