Security · 2h ago
Microsoft Removes 119 Edge Extensions Hiding Malware in Images
Microsoft removed 119 malicious Edge extensions that used steganography to hide malware in image and font files. The extensions, part of a campaign called StegoAd active since 2021, would activate days after installation to steal credentials and commit ad fraud. The threat actor behind the operation remains unidentified.
Meridian48 take
The takedown highlights how browser extension stores remain a weak point for supply-chain attacks, with steganography making detection harder for both users and automated scanners.
Read the full reporting
Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts →
The Hacker News
malwareedge-extensions