Malicious Chrome Extension Used Native Messaging to Run PowerShell Commands on Windows
VPN Central [Unofficial]
June 25, 2026
A newly analyzed Chrome malware campaign used a rogue browser extension and a Native Messaging Host to turn infected Windows systems into remote-command backdoors. The campaign, detailed in a D3Lab analysis, began with Italian-language invoice phishing emails. Victims were shown what looked like a PDF invoice, but the downloaded file was actually an obfuscated JavaScript […]
The post Malicious Chrome Extension Used Native Messaging to Run PowerShell Commands on Windows appeared first on VPN Central.
Discussion in the ATmosphere