In late 2024, a wave of cyberattacks compromised several legitimate Chrome browser extensions, including Cyberhaven’s data loss prevention tool. Attackers injected malicious code into these extensions, turning them into tools for harvesting browser cookies and authentication tokens. The ultimate targets were sensitive platforms such as Facebook Ads accounts, social media dashboards, and AI systems.