Microsoft has uncovered a large-scale cyberattack involving over 100 malicious Chrome browser extensions that have been active since early 2024. These extensions impersonate legitimate tools such as YouTube, DeepSeek, Fortinet, and free VPN services, functioning normally while secretly stealing session cookies and enabling unauthorized access to users' accounts. The operation has compromised nearly 400,000 PCs by harvesting sensitive browser data and executing malicious code, highlighting a persistent threat within the Chrome extension ecosystem.