
Microsoft Drops 119 Edge Extensions Carrying Steganography-Driven Malware
Microsoft has removed 119 Edge Add-ons that hid payloads inside ordinary image and font files (StegoAd), tied to a single threat actor active since 2021 and potentially affecting millions, by deploying ad fraud and credential theft via a remote backdoor. The campaign used steganography in PNGs, WebP and WOFF2, with layered checks and decoy responses to avoid detection. Microsoft urges users to review installed extensions, change passwords, enable 2FA, and use hardware security keys, and has published indicators of compromise for Chrome, Firefox, and other Chromium browsers.










