Signal
Microsoft uncovers malicious browser extensions hijacking searches and using steganography
Evidence first: scan the strongest sources, then decide whether to go deeper.
Published 2026-06-29 18:40 UTCUpdated 2026-06-30 11:40 UTC
rss
cveexploitsmalwaresecurity_toolingincident_response
Trend in the last 24h
Source links open
Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.
No card needed for the free brief.
Evidence trail (top sources)
top sources (3 domains)domains are deduped. counts indicate coverage, not truth.3 top sources shown
Overview
Microsoft researchers have identified and helped remove malicious browser extensions targeting Chromium-based browsers.
Entities
MicrosoftGooglePerplexity AI
Score total
1.15
Momentum 24h
3
Posts
3
Origins
3
Source types
1
Duplicate ratio
0%
Why now
- The malicious Perplexity AI spoofing extension was recently removed from the Chrome Web Store after Microsoft disclosure.
- Microsoft's dismantling of the StegoAd campaign shows ongoing evolution in extension-based threats.
- Users and organizations must remain vigilant as attackers use advanced evasion techniques in browser extensions.
Why it matters
- Browser extensions can be exploited to silently intercept sensitive user data like search queries and keystrokes.
- Steganography in extensions complicates detection, increasing risk of prolonged malicious activity.
- Timely removal of such extensions is critical to protect user privacy and security.
LLM analysis
Topic mix: lowPromo risk: lowSource quality: medium
Recurring claims
- A malicious Chromium extension spoofed Perplexity AI to intercept and collect users' search traffic and browsing data.
- Microsoft dismantled the StegoAd campaign that used steganography to hide malicious JavaScript in Edge extensions.
How sources frame it
- Microsoft Threat Intelligence: neutral
- Microsoft Researchers: neutral
This briefing highlights recent Microsoft research uncovering sophisticated malicious browser extensions that hijack user searches and employ steganography to evade detection.
All evidence
All evidence
Malicious Chromium extension spoofs Perplexity AI to hijack browser searches
CSO Online · csoonline.com · 2026-06-30 11:40 UTC
Microsoft dismantles StegoAd campaign using malicious Edge extensions
SC Media · scworld.com · 2026-06-29 22:38 UTC
Malicious Perplexity Chrome Extension Intercepted Searches and Address Bar Input
thehackernews · thehackernews.com · 2026-06-29 18:40 UTC
Show filters & breakdown
Posts loaded: 0Publishers: 3Origin domains: 3Duplicates: -
Showing 3 / 0
Top publishers (this list)
- CSO Online (1)
- SC Media (1)
- thehackernews (1)
Top origin domains (this list)
- csoonline.com (1)
- scworld.com (1)
- thehackernews.com (1)