Technology
Malicious browser extensions hit 4.3M users
NEWYou can now listen to Fox News articles!
A long-running malware campaign quietly evolved over several years and turned trusted Chrome and Edge extensions into spyware. A detailed report from Koi Security reveals that the ShadyPanda operation affected 4.3 million users who downloaded extensions later updated with hidden malicious code.
These extensions began as simple wallpaper or productivity tools that looked harmless. Years later, silent updates added surveillance functions that most users could not detect.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
THIS CHROME VPN EXTENSION SECRETLY SPIES ON YOU
Malicious extensions spread through trusted browsers and quietly collected user data for years. (Kurt “CyberGuy” Knutsson)
How the ShadyPanda campaign unfolded
The operation included 20 malicious Chrome extensions and 125 on the Microsoft Edge Add-ons store. Many first appeared in 2018 with no obvious warning signs. Five years later, the extensions began receiving staged updates that changed their behavior.
Koi Security found that these updates rolled out through each browser’s trusted auto-update system. Users did not need to click anything. No phishing. No fake alerts. Just quiet version bumps that slowly turned safe extensions into powerful tracking tools.
NEW EMAIL SCAM USES HIDDEN CHARACTERS TO SLIP PAST FILTERS
WeTab functions as a sophisticated surveillance platform disguised as a productivity tool. (Koi)
What the extensions were doing behind the scenes
Once activated, the extensions injected tracking code into real links to earn revenue from user purchases. They also hijacked searches, redirected queries and logged data for sale and manipulation. ShadyPanda gathered an unusually broad range of personal information, including browsing history, search terms, cookies, keystrokes, fingerprint data, local storage, and even mouse movement coordinates. As the extensions gained credibility in the stores, the attackers pushed a backdoor update that allowed hourly remote code execution. That gave them full browser control, letting them monitor websites visited and exfiltrate persistent identifiers.
Researchers also discovered that the extensions could launch adversary-in-the-middle attacks. This allowed credential theft, session hijacking and code injection on any website. If users opened developer tools, the extensions switched into harmless mode to avoid detection. Google removed the malicious extensions from the Chrome Web Store. We reached out to the company, and a spokesperson confirmed that none of the extensions listed are currently live on the platform.
Meanwhile, a Microsoft spokesperson told CyberGuy, “We have removed all the extensions identified as malicious on the Edge Add-on store. When we become aware of instances that violate our policies, we take appropriate action that includes, but is not limited to, the removal of prohibited content or termination of our publishing agreement.”
Most of you will not need the full technical IDs used in the ShadyPanda campaign. These indicators of compromise are primarily for security researchers and IT teams. Regular users should focus on checking your installed extensions using the steps in the guide below.
You can review the full list of affected Chrome and Edge extensions to see every ID tied to the ShadyPanda campaign by clicking here and scrolling down to the bottom of the page.
How to check whether your browser contains these extension IDs
Here is an easy, step-by-step way for you to verify if any malicious extension IDs are installed.
For Google Chrome
Open Chrome.
Type chrome://extensions into the address bar.
Press Enter.
Look for each extension’s ID.
Click Details under any extension.
Scroll down to the Extension ID section.
Compare the ID with the lists above.
If you find a match, remove the extension immediately.
For Microsoft Edge
Open Edge.
Type edge://extensions into the address bar.
Press Enter.
Click Details under each extension.
Scroll to find the Extension ID.
If an ID appears in the lists, remove the extension and restart the browser.
183 MILLION EMAIL PASSWORDS LEAKED: CHECK YOURS NOW
Simple security steps can block hidden threats and help keep your browsing safer. (Kurt “CyberGuy” Knutsson)
How to protect your browser from malicious extensions
You can take a few quick actions that help lock down your browser and protect your data.
1) Remove suspicious extensions
Before removing anything, check your installed extensions against the IDs listed in the section above. Most of the malicious extensions were wallpaper or productivity tools. Three of the most mentioned are Clean Master, WeTab and Infinity V Plus. If you installed any of these or anything that looks similar, delete them now.
2) Reset your passwords
These extensions have access to sensitive data. Resetting your passwords protects you from possible misuse. A password manager makes the process easier and creates strong passwords for each account.
Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2025 at Cyberguy.com.
3) Use a data removal service to reduce tracking
ShadyPanda collected browsing activity, identifiers and behavioral signals that can be matched with data already held by brokers. A data removal service helps you reclaim your privacy by scanning people-search sites and broker databases to locate your exposed information and remove it. This limits how much of your digital footprint can be linked, sold or used for targeted scams.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.
4) Install strong antivirus software
An antivirus may not have caught this specific threat due to the way it operated. Still, it can block other malware, scan for spyware and flag unsafe sites. Many antivirus tools include cloud backup and VPN options to add more protection.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com.
5) Limit your extensions
Each extension adds risk. Stick with known developers and search for recent reviews. If an extension asks for permissions it should not need, walk away.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Kurt’s key takeaways
ShadyPanda ran for years without raising alarms and proved how creative attackers can be. A trusted extension can shift into spyware through a silent update, which makes it even more important to stay alert to changes in browser behavior. You protect yourself by installing fewer extensions, checking them from time to time and watching for anything that feels out of place. Small steps help lower your exposure and reduce the chances that hidden code can track what you do online.
Have you ever found an extension on your browser that you didn’t remember installing or one that started acting in strange ways? How did you handle it? Let us know by writing to us at Cyberguy.com.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alert, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.
Copyright 2025 CyberGuy.com. All rights reserved.
If you’re looking to pick up a pair of open-ear headphones for yourself — or your mom — Shokz is running a Mother’s Day sale. Now through May 10th, the company’s best pair of bone conduction headphones, the OpenRun Pro 2, are available from Amazon, Best Buy, and Shokz for around $139.95 ($40 off), their lowest price of the year. If you purchase direct, you’ll also receive a free waist bag (a $29.99 value).
While traditional headphones tend to block out the world, open-style headphones provide a safer alternative, letting you listen to music and podcasts while remaining vigilant. After testing the OpenRun Pro 2, The Verge’s Victoria Song said using them felt “like the stars finally aligning.” Unlike many open-ear headphones, they don’t skimp on bass or clarity thanks to a dedicated air conduction speaker, though they still won’t rival a traditional pair of in-ears when it comes to sound quality. Still, they’re more comfortable than earlier Shokz models, with flexible ear hooks and a lightweight neckband that creates a secure, natural fit, even for those who wear glasses.
The fact that the Pro 2 vibrate significantly less than other models is another highlight, as is battery life. They offer up to 12 hours on a single charge, which was enough for us to go nearly a week without plugging them in (they charge incredibly fast via USB-C, too). They also include AI-powered noise cancellation for calls (though results were mixed in our testing) and an IP55 rating, making them well-suited for both sweaty workouts and outdoor use.
Other Shokz deals to consider
NEWYou can now listen to Fox News articles!
The United Arab Emirates just made one of the most aggressive moves yet in the global AI race. The country says it will integrate agentic artificial intelligence across half of its government operations within two years.
For context: Most governments are still debating whether to use AI. This plan puts speed and execution front and center and goes in the opposite direction of how governments typically handle major technology changes.
If it works, the UAE could offer a preview of how AI may reshape public services far beyond the Middle East. If it runs into problems, it could also highlight the risks of moving this fast when government decisions, personal data and public trust are all involved.
Sign up for my FREE CyberGuy Report
UAE AMBASSADOR YOUSEF AL OTAIBA: US AND UAE FORGE GROUNDBREAKING HIGH-TECH PARTNERSHIP BASED ON AI
UAE leaders meet to outline a plan that would bring Agentic AI into core government decision-making and operations. (Dubai Media Office)
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
What agentic AI means for the UAE government
Agentic AI refers to systems that can analyze information, make decisions and take action with minimal human input. In this model, AI can process requests, adjust workflows and improve outcomes in real time. It can also carry out certain government tasks from start to finish, instead of only suggesting what a person should do next.
So, how would that show up in everyday ways? Think faster permit approvals, automated public services or systems that respond instantly to changes in demand. Instead of waiting for human bottlenecks, processes move continuously.
FOX NEWS AI NEWSLETTER: TRUMP ADMIN UNVEILS GROUNDBREAKING TOOL ‘SUPERCHARGING’ GOV’T EFFICIENCY IN AI
According to the announcement, AI will act more like an operational partner than a tool. That marks a change in how governments think about technology.
How the UAE plans to roll out AI across government
There is also a clear structure behind the rollout. The UAE has put a detailed plan in place with clear expectations from the start. Every ministry and government entity will be evaluated based on how quickly it adopts AI, how well it implements those systems and how effectively it redesigns workflows around them.
Oversight will come from Mansour bin Zayed Al Nahyan, a senior government leader who plays a key role in the country’s executive decision-making. Day-to-day execution will be led by a task force chaired by Mohammad Al Gergawi, a longtime cabinet minister focused on government modernization.
How AI will change government jobs in the UAE
One of the biggest parts of this plan has less to do with machines and more to do with people. Every federal employee will receive AI training. The goal is to build a workforce that can work alongside intelligent systems rather than compete with them.
That matters because large-scale automation often raises concerns about job loss. The UAE is taking a different angle by focusing on reskilling and adaptation. If it works, it could become a model that other countries try to follow. If it struggles, it will highlight how difficult workforce transformation can be at scale.
Why the UAE is moving so fast on AI in government
This move fits into a broader strategy. The UAE has spent years positioning itself as a tech-forward economy. By embedding AI into government operations, the country hopes to improve efficiency, reduce delays and deliver faster services to residents and businesses.
It also sends a signal globally. The UAE wants to set the benchmark for how governments use AI in a big way. That puts pressure on other countries, including the United States, to rethink how quickly we adopt similar technologies.
The UAE plans to use agentic AI to help analyze information, make decisions and carry out tasks across a wide range of government services. (Kurt “CyberGuy” Knutsson)
Concerns about AI in government are already growing
For all the excitement, this kind of rollout raises real concerns. Critics point to accountability as one of the biggest questions. When AI systems start making decisions inside government, it can become harder to understand who is responsible when something goes wrong. Was it the system, the developer or the agency using it?
JOBS THAT ARE MOST AT RISK FROM AI, ACCORDING TO MICROSOFT
Privacy is another sticking point. Government systems already handle sensitive personal data. Expanding AI across those systems could increase how much data is collected, analyzed and stored, which makes some experts uneasy.
There is also the issue of bias. AI models learn from data, and if that data has gaps or flaws, the outcomes can reflect that. In a government setting, that could affect access to services, approvals or enforcement decisions in ways that are not always obvious.
Then there is trust. Even if the systems work as intended, people may still hesitate to accept decisions made by machines, especially when those decisions affect their daily lives.
Supporters argue that these risks can be managed with strong oversight and transparency. Still, critics say the speed of this rollout leaves little room for error, and that is where the debate is likely to intensify.
What this means to you
Even if you do not live in the UAE, this push has real implications. First, it raises expectations. When one government proves it can deliver faster services with AI, people elsewhere will start asking why theirs cannot.
Second, it accelerates the global AI race. Governments will need to balance speed with privacy, security and oversight. Third, it highlights a growing reality. AI is moving into decision-making roles beyond basic support functions. That changes how systems are built and how accountability works.
You may start to see similar experiments here in the United States, especially at the state or city level, where innovation can happen faster.
Take my quiz: How safe is your online security?
Think your devices and data are truly protected? Take this quick quiz to see where your digital habits stand. From passwords to Wi-Fi settings, you’ll get a personalized breakdown of what you’re doing right and what needs improvement. Take my quiz here: CyberGuy.com
Kurt’s key takeaways
The UAE is betting big on a future in which AI plays a central role in how its government operates. The timeline is aggressive, and the scope is hard to ignore. What stands out most is how quickly this is moving from concept to execution. At the same time, the questions are just as big as the opportunity. Who is accountable when AI makes a decision? How much data is being used behind the scenes? And how much trust are people willing to place in systems they cannot fully see? This could become a model that other governments try to follow. It could also expose real challenges around transparency and control. Either way, it is a clear signal that AI is moving deeper into systems that affect our everyday lives.
The initiative is set to expand AI across multiple agencies, with a focus on faster services, improved efficiency and real-time operations. (Kurt “CyberGuy” Knutsson)
If AI can start making real-time decisions inside government systems, how comfortable are you with that level of automation showing up in your everyday life? Let us know by writing to us at Cyberguy.com
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
- Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
- For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
- Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.
Copyright 2026 CyberGuy.com. All rights reserved.
“Literally, we stopped selling to Amazon, and it’s because I wasn’t going to do something illegal. I wasn’t going to do something that would put at risk the relationship we have with other retailers. But it also set the stage to say, look, you’re not going to push me around. This is the way we do business. And so that’s how, over time, you build respect.”
-
World11 minutes ago
Shooting at lake near Oklahoma City injures at least 10
-
News17 minutes agoMariachi Brothers Detained by ICE Invited to Open for Kacey Musgraves After Release
-
Politics23 minutes agoTrump Faces the Complicated Reality of a Costly, Unpopular War in Iran
-
Business29 minutes agoChizi, Standup Comic Exiled in China, Wants to Be More Than Just ‘a Rebel Comedian’
-
Lifestyle59 minutes agoBeyoncé Is Returning to the Met Gala. These Are the Looks She Has to Top.
-
Education1 hour agoAs Enrollment Shrinks, a Clash Between the Have- and Have-Not Schools
-
Technology1 hour agoShokz’s bassy OpenRun Pro 2 are $40 off thanks to a new Mother’s Day promo
-
World1 hour agoCruise ship outbreak leaves 3 dead as officials delay medical evacuations and probe hantavirus threat
