Over 100 Chrome Extensions Steal Data, Kraken Hit by Insider Extortion

Over 100 Chrome Extensions Steal User Data from Web Store

  • Malicious add-ons steal Google OAuth2 Bearer tokens and account details.
  • Over 100 extensions stayed listed in official Chrome Web Store.
  • Groups deployed backdoors and ran ad fraud on millions of users.

USA, Apr 14 (TNGB) – Security researchers uncovered more than 100 extensions available directly through the Google Chrome Web Store that stole sensitive user information. The tools reportedly collected OAuth2 tokens along with email addresses, names and profile pictures while installing hidden backdoors for ongoing access. One group of 54 extensions specifically targeted the chrome.identity.getAuthToken API to harvest Google account data and enable further unauthorized actions.

The breach demands urgent scans of every installed extension.

Why This Matters: Browser store vulnerabilities expose everyday users to account takeovers and data theft at scale.
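A scan of installed extensions can start from their manifests, because calling chrome.identity.getAuthToken requires the "identity" permission and the manifest's "oauth2" block lists the Google scopes requested. The sketch below is an added example, not code from the researchers or from Google; the extensions directory is supplied by the caller, and the sample manifest and its client ID are constructed placeholders.

```python
import json
from pathlib import Path

# Scopes that yield the data named in the report: email, name, profile picture.
PROFILE_SCOPES = {
    "email", "profile", "openid",
    "https://www.googleapis.com/auth/userinfo.email",
    "https://www.googleapis.com/auth/userinfo.profile",
}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}


def triage_manifest(manifest):
    """Return a finding dict if the manifest can call chrome.identity, else None."""
    perms = set()
    for key in ("permissions", "optional_permissions", "host_permissions"):
        perms.update(p for p in (manifest.get(key) or []) if isinstance(p, str))
    if not perms & {"identity", "identity.email"}:
        return None
    oauth2 = manifest.get("oauth2") if isinstance(manifest.get("oauth2"), dict) else {}
    scopes = {s for s in (oauth2.get("scopes") or []) if isinstance(s, str)}
    return {
        "name": manifest.get("name", "?"),
        "client_id": oauth2.get("client_id"),
        "profile_scopes": sorted(scopes & PROFILE_SCOPES),
        "other_scopes": sorted(scopes - PROFILE_SCOPES),
        "broad_host_access": bool(perms & BROAD_HOSTS),
    }


def scan_profile(extensions_dir):
    """Walk <extensions_dir>/<extension id>/<version>/manifest.json."""
    findings = []
    for path in sorted(Path(extensions_dir).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip, do not crash
        finding = triage_manifest(manifest) if isinstance(manifest, dict) else None
        if finding:
            finding["extension_id"] = path.parts[-3]
            findings.append(finding)
    return findings


# Constructed sample manifest (not taken from any real extension).
SAMPLE = {"name": "Example Tab Helper", "manifest_version": 3,
          "permissions": ["identity", "storage"], "host_permissions": ["<all_urls>"],
          "oauth2": {"client_id": "PLACEHOLDER.apps.googleusercontent.com",
                     "scopes": ["https://www.googleapis.com/auth/userinfo.email"]}}
```

A finding is a lead for review rather than a verdict: legitimate extensions also use this API, and getAuthToken accepts scopes at call time that the manifest does not list.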

Kraken Exchange Faces Extortion After Insider Security Breach

  • Support staff granted unauthorized access in two separate incidents.
  • Attackers targeted roughly 2000 accounts with internal system videos.
  • No customer funds lost and no full system breach occurred.

USA, Apr 14 (TNGB) – Crypto exchange Kraken disclosed an extortion attempt following two insider-related incidents where support employees accessed limited client data. The criminal group reportedly threatened to release videos showing internal systems unless demands were met. Kraken terminated the access immediately and refused payment while notifying affected users.

The case shows internal access controls require constant tightening.

Why This Matters: Insider threats in crypto platforms highlight how employee privileges can lead to public extortion without actual fund losses.

Reno Police Sued Over Wrongful Arrest from Facial Recognition

  • False casino match led to 12-hour detention without evidence.
  • Lawsuit claims department failed to train officers on tool limits.
  • Filing alleges thousands of similar unlawful arrests since 2023.

RENO, NEVADA, Apr 14 (TNGB) – Jason Killinger sued the City of Reno and its police department after officers arrested him based solely on a facial recognition mismatch at the Peppermill casino. The department reportedly lacked any policy or training requiring corroborating evidence before acting on a match. Killinger spent 12 hours in custody and now seeks accountability for systemic failures in biometric use.

Facial recognition errors demand rigorous human oversight.

Why This Matters: Untrained reliance on imperfect technology erodes public trust in law enforcement and violates basic due process.

Germany Pushes Mandatory Digital ID for Social Media Logins

  • SPD proposes EU digital wallet for all social media age checks.
  • Plan targets users 16 and older with parent-linked access for youth.
  • Critics note it contradicts claims the wallet stays voluntary.

BERLIN, GERMANY, Apr 14 (TNGB) – Germany’s Social Democratic Party advanced legislation requiring the EU Digital Identity Wallet for social media logins to enforce age verification. The proposal reportedly includes tiers with bans under age 14 and restricted features for 14-to-15-year-olds using guardian accounts. Officials aim for full integration despite earlier assurances that the wallet would remain optional for citizens.

Digital identity mandates erode user privacy over time.

Why This Matters: Linking government ID to online speech sets precedents for broader surveillance across Europe.

Omnistealer Malware Leverages Blockchain for Permanent Hosting

  • Infostealer pulls final payload from TRON and Aptos blockchains.
  • Malware targets over 60 crypto wallets plus password managers.
  • Blockchain storage reportedly defeats traditional removal efforts.

USA, Apr 14 (TNGB) – A new infostealer named Omnistealer uses public blockchains like TRON and Aptos to host its command infrastructure permanently. The malware reportedly activates through fake developer job offers on LinkedIn and GitHub before stealing credentials from wallets, browsers and cloud services. Once embedded, the code becomes nearly impossible to erase because blockchain entries persist indefinitely.

Blockchain hosting marks a dangerous evolution for malware.

Why This Matters: Permanent malware delivery raises the bar for defenders and complicates global takedown operations.

Fake Windows Update Sites Deliver Undetected Malware to Users

  • Campaign targets French users with sites mimicking official patches.
  • Payload uses layered obfuscation across multiple languages.
  • Malware steals credentials, payment data and Discord tokens.

PARIS, FRANCE, Apr 14 (TNGB) – Attackers built fake Windows Update websites that tricked French visitors into downloading heavily obfuscated malware. The installer reportedly combined Electron, JavaScript and Python layers to evade detection entirely on VirusTotal. Once installed, the payload extracted passwords and payment details and modified Discord clients for token theft.

Zero detections do not equal zero danger.

Why This Matters: Sophisticated lures exploiting trust in system updates continue to bypass security tools worldwide.

Over 70 Groups Urge Meta to Drop Facial Recognition Smart Glasses

  • Coalition warns devices could identify strangers without consent.
  • Smart glasses plan includes real-time public scanning features.
  • Letter cites risks to privacy and potential for abuse by stalkers.

USA, Apr 14 (TNGB) – More than 70 organizations including civil liberties groups sent Meta a formal demand to abandon facial recognition features planned for its smart glasses. The hardware would reportedly scan faces in public and display names or personal details instantly on the wearer’s display. Opponents argue the technology hands powerful surveillance tools to abusers without user consent or legal safeguards.

Public identification tech invites serious privacy harms.

Why This Matters: Wearable facial recognition accelerates erosion of anonymous public spaces.

Microsoft Releases Massive Patch Tuesday Update Fixing Bugs

  • April update fixed 163 vulnerabilities across multiple products.
  • One zero-day under active exploitation in SharePoint Server.
  • Defender flaw allowed privilege escalation with public exploits.

USA, Apr 14 (TNGB) – Microsoft issued its April Patch Tuesday release that addressed 163 security vulnerabilities in Windows and related services. One actively exploited zero-day reportedly allowed network-based spoofing and unauthorized data changes in SharePoint Server. A separate Microsoft Defender issue enabled privilege escalation when attackers used publicly available code.

Timely patching remains the best defense against exploits.

Why This Matters: Large monthly updates force organizations to prioritize testing amid rising zero-day threats.

FCC Decision Grants Netgear De Facto Router Monopoly

  • Conditional exemption allows continued sales of Nighthawk and Orbi.
  • Other manufacturers including US firms receive no similar relief.
  • Ban on non-approved foreign routers takes effect in 2027.

WASHINGTON D.C., Apr 14 (TNGB) – The Federal Communications Commission granted Netgear a conditional exemption from its foreign router ban, permitting ongoing production and support for popular Nighthawk and Orbi models. Competing manufacturers, including domestic firms, reportedly received no equivalent approval, creating a unique market advantage. The ruling stems from national security requirements that restrict unapproved hardware sales after March 2027.

Limited router choices reduce competition for consumers.

Why This Matters: Regulatory exemptions reshape hardware markets while aiming to protect national infrastructure.

Low Profile Ransomware Targets Turkish Users with Small Demands

  • JanaWare demands 200 to 400 dollars and checks Turkish locale.
  • Campaign has operated since 2020 through phishing Java archives.
  • Malware uses decentralized chat for attacker communication.

ANKARA, TURKEY, Apr 14 (TNGB) – JanaWare ransomware has quietly encrypted files belonging to Turkish home users and small businesses since 2020 while demanding unusually low ransoms. The strain reportedly verifies system language and IP location before activating to stay under global radar. Attackers distribute it via phishing emails containing malicious archives and handle negotiations through decentralized messaging tools.

Regional focus keeps this threat off global radar.

Why This Matters: Low-profile regional attacks still cause financial harm while evading international attention.