Hackers Target Multiple Companies’ Chrome Extensions in Widespread Campaign

Hackers have compromised a variety of companies’ Chrome browser extensions in a series of cyberattacks that began in mid-December, according to affected firms and cybersecurity experts. One confirmed victim, Cyberhaven, a California-based data protection company, revealed the breach in a statement to Reuters on Friday.

“Cyberhaven can confirm that a malicious cyberattack occurred on Christmas Eve, affecting our Chrome extension,” the company said. It referenced cybersecurity experts’ findings, which indicated the breach was part of a broader campaign targeting Chrome extension developers across multiple organizations. The company also confirmed it is cooperating with federal law enforcement authorities in its investigation.

Browser extensions, often used to enhance user experience through features like auto-applying coupons or improving data management, were exploited in this campaign to compromise sensitive data. Cyberhaven’s Chrome extension is specifically designed to help monitor and secure client data across web-based applications.

Jaime Blasco, cofounder of Nudge Security in Austin, Texas, noted that Cyberhaven is not an isolated case. He identified several other compromised extensions, some impacted as early as mid-December. These included extensions related to artificial intelligence and virtual private networks (VPNs), suggesting an opportunistic approach aimed at collecting as much sensitive data as possible from a wide range of sources.

Blasco said, “I’m almost certain this is not targeted to Cyberhaven. If I had to guess, this was just random.”

The geographical reach of the campaign remains unclear. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) declined to comment, referring inquiries to the affected companies. Alphabet, the parent company of Google and maker of the Chrome browser, did not immediately respond to requests for comment.

This incident highlights the vulnerabilities associated with browser extensions and the potential for malicious actors to exploit them for broad data collection efforts. Experts urge developers and users alike to exercise caution and maintain robust security measures for extensions to prevent similar breaches.

Trump Asks Supreme Court to Delay TikTok Ban for Potential Political Resolution

President-elect Donald Trump has called on the U.S. Supreme Court to delay the implementation of a law that would ban the popular social media app TikTok or compel its Chinese parent company, ByteDance, to sell the platform to a U.S. entity. The law, set to take effect on January 19, 2025, would force divestment or result in a nationwide ban on TikTok, which has over 170 million users in the United States.

The Supreme Court is scheduled to hear arguments on the case on January 10, but Trump’s legal team has requested a stay on the law’s deadline to allow his incoming administration time to explore a political resolution to the matter. “President Trump takes no position on the underlying merits of this dispute,” said his lawyer, D. John Sauer, who is also the president-elect’s nominee for U.S. solicitor general. “Instead, he respectfully requests that the Court consider staying the Act’s deadline… to permit President Trump’s incoming administration the opportunity to pursue a political resolution.”

This stance represents a reversal from Trump’s earlier position in 2020 when he attempted to ban TikTok and force its sale due to concerns about its Chinese ownership. However, during his presidential campaign, Trump appeared to soften his approach, meeting with TikTok CEO Shou Zi Chew in December and expressing a “warm spot” for the app. Trump even credited TikTok with helping him gain billions of views during his campaign.

TikTok and ByteDance have contested the law, arguing that the U.S. government has mischaracterized their ties to China. The company maintains that U.S. user data and content moderation decisions are handled domestically, with data stored on Oracle-operated servers in the United States. Despite these assurances, the U.S. Justice Department and most lawmakers argue that Chinese control of TikTok poses a national security risk.

Opponents of the ban, including free speech advocates, have voiced concerns that the legislation echoes censorship practices of authoritarian regimes. However, Montana Attorney General Austin Knudsen, supported by 22 state attorneys general, filed an amicus brief urging the Supreme Court to uphold the law, emphasizing the importance of addressing national security risks associated with Chinese influence over the app.

The outcome of this case could have significant implications for U.S.-China relations, free speech, and the future of TikTok in America. For now, Trump’s request seeks to buy time for a potential diplomatic or legislative resolution as the nation awaits the Court’s decision.

OpenAI Adopts Public Benefit Corporation Structure to Attract Investment for AI Development

OpenAI, the company behind ChatGPT, has announced plans to restructure as a Delaware-based public benefit corporation (PBC) to secure additional funding needed for its ambitious artificial intelligence (AI) development. The move aims to balance societal interests with shareholder value as the company navigates the costly race toward artificial general intelligence (AGI).

Initially launched as a nonprofit in 2015, OpenAI transitioned to a for-profit model in 2019 to fund AI research. The latest restructuring reflects the need for further flexibility, particularly to attract substantial investment. OpenAI’s latest funding round of $6.6 billion, which valued the company at $157 billion, was contingent on changes to its corporate structure, including the removal of profit caps for investors.

In a blog post, OpenAI explained that this transition is critical to maintaining its mission and competing with well-funded rivals such as Anthropic and xAI, which operate under similar structures. “The hundreds of billions of dollars that major companies are now investing into AI development show what it will really take for OpenAI to continue pursuing the mission,” the company stated.

The nonprofit parent will retain significant interest in the new PBC through shares, ensuring resources remain aligned with the company’s broader mission. OpenAI claims this will position its nonprofit arm as one of the “best-resourced nonprofits in history.”

The transition to a PBC has drawn mixed reactions. Advocates suggest this move is essential for OpenAI’s continued innovation, while critics express concerns over whether the public benefit mission will be sufficiently prioritized over profit. Ann Lipton, a corporate law professor, noted that while PBC status signals a company’s intent to prioritize societal goals, enforcement depends heavily on shareholders’ willingness to hold the company accountable.

The restructuring comes amid legal disputes and external criticism. Elon Musk, an OpenAI co-founder who later left the company, has filed a lawsuit alleging OpenAI prioritizes profit over its stated public mission. Musk’s lawsuit is one of several challenges the company faces as it pursues its new structure.

Despite these obstacles, OpenAI is pushing forward, asserting that this transformation is necessary to remain competitive in the AI space while staying true to its mission of ensuring AI benefits humanity.