External Publication
Visit Post

Malicious Chrome Extension Used Native Messaging to Run PowerShell Commands on Windows

VPN Central [Unofficial] June 25, 2026
Source
A newly analyzed Chrome malware campaign used a rogue browser extension and a Native Messaging Host to turn infected Windows systems into remote-command backdoors. The campaign, detailed in a D3Lab analysis, began with Italian-language invoice phishing emails. Victims were shown what looked like a PDF invoice, but the downloaded file was actually an obfuscated JavaScript […] The post Malicious Chrome Extension Used Native Messaging to Run PowerShell Commands on Windows appeared first on VPN Central.

Discussion in the ATmosphere

Loading comments...