A series of cyberattacks has compromised multiple Chrome browser extensions, impacting several companies since mid-December, according to a recent report by Reuters.

California-based data protection firm Cyberhaven confirmed on 27 December that its Chrome extension was breached during a malicious attack on Christmas Eve. The company noted that cybersecurity experts have linked the attack to a broader campaign targeting developers of Chrome extensions across various organisations, as per the report.

The exact scope of the campaign remains unclear, but experts suggest that hackers have compromised extensions related to artificial intelligence, virtual private networks, and other sectors. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) referred inquiries to the companies involved. 

Browser extensions, which are often used to enhance web browsing can become a vulnerability if compromised. In Cyberhaven's case, the extension was designed to help monitor and secure data flowing through web-based applications.