> TritonInfoSec News
Home / Jun 30, 2026 / Story
0
#5 The Hacker News general June 29, 2026 at 08:32 UTC

Microsoft Removes 119 Edge Extensions That Hid Malware in Images and Fonts

By [email protected] (The Hacker News)

AI Summary

Microsoft identified and removed 119 malicious extensions from the Edge Add-ons store, tied to a single threat actor dubbed StegoAd that has been active since at least 2021. The extensions hid credential-stealing payloads inside ordinary image and font files using steganography, activating days after installation to avoid detection and conduct ad fraud. The multi-year persistence of this campaign on an official store underscores supply chain risks in browser extension ecosystems.

Read full article → https://thehackernews.com/2026/06/microsoft-remove…

Relevance score: 84.0/100

# More from June 30

  1. 1
    U.S. offers $10 million for hackers targeting WhatsApp, Signal users BleepingComputer
  2. 2
    Critical SimpleHelp flaw exploited to deploy new stealer malware BleepingComputer
  3. 3
    Hackers now exploit critical Oracle E-Business flaw in attacks BleepingComputer
  4. 4
    Nissan discloses employee data breach linked to Oracle zero-day attacks BleepingComputer
  5. 6
    Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw The Hacker News
  6. 7
    Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks The Hacker News
  7. 8
    Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse The Hacker News
  8. 9
    236,000 DCloud Uni-App Sites Used in Crypto Scams, Phishing, and Wallet Drainers The Hacker News
  9. 10
    Hijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer The Hacker News