Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access

News

Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect OpenAI ChatGPT authentication tokens. One of the extensions in question is Amazon Ads Blocker (ID: pnpchphmplpdimbllknjoiopmfphellj), which claims to be a tool to browse Amazon without any sponsored content. It was uploaded to the Chrome…

Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication

Amazon Disrupts APT29 Watering Hole Campaign Abusing Microsoft Device Code Authentication

News

Aug 29, 2025Ravie LakshmananThreat Intelligence / Malware Amazon on Friday said it flagged and disrupted what it described as an opportunistic watering hole campaign orchestrated by the Russia-linked APT29 actors as part of their intelligence gathering efforts. The campaign used “compromised websites to redirect visitors to malicious infrastructure designed to trick users into authorizing attacker-controlled…