Application security , Threat Intelligence , Malware Over 130K users’ browser data siphoned by illicit TikTok downloader extensions April 21, 2026 Share By SC Staff (Adobe Stock) HackRead reports that over a dozen malicious TikTok downloader extensions have allowed the clandestine compromise of more than 130,000 users' Google Chrome- and Microsoft Edge-stored data as part of the StealTok campaign, which has been underway for more than a year. Multiple legitimate services have been used by threat actors to establish the legitimacy of the TikTok downloaders and expand their user base, with attackers waiting for six to 12 months before injecting information-stealing code into many of the identified apps, according to findings from LayerX Security. Aside from monitoring video interests and usage patterns, the trojanized apps most of which are still downloadable also gather language settings, timezone details, device battery status, and other "high-entropy data." With the apps still having nearly 12,500 active users, individuals have been urged to immediately double-check their browsers' add-ons list and remove any of the offending tools, as well as replace credentials for banking and email accounts. SC Staff Related Application security Crypto stealing wallet apps proliferate in Apple App Store SC Staff April 21, 2026 Crypto stealing wallet apps proliferate in Apple App Store More than two dozen Apple App Store apps spoofing well-known cryptocurrency wallets Coinbase, Metamask, OneKey, and Trust Wallet, have been leveraged to pilfer seed phrases and cryptocurrency assets from Chinese users as part of the FakeWallet attack campaign that has been linked to the ongoing SparkKitty operation, reports BleepingComputer. Security Operations Aikido Security launches Endpoint to secure AI development and mitigate supply chain attacks SC Staff April 21, 2026 Endpoint aims to provide enterprises with visibility and control over software packages, development environments, browser extensions, and AI tools integrated into modern software development. DevSecOps Vercel incident falls short of a supply chain attack — for now Steve Zurier April 20, 2026 Experts say Vercel case was a trust and authentication boundary failure, but not an attack on the level of SolarWinds. Related Events Cybercast Protecting Application User Data for Better Privacy, Governance, and Compliance On-Demand Event Cybercast The Next Evolution of Application Security: AI- Accelerated DevSecOps On-Demand Event Cybercast Scaling secure software in the age of AI: Turning intelligence into action On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Account Harvesting Banner Browser Business Email Compromise (BEC) Client Common Gateway Interface (CGI) Corruption DNS Spoofing Fault Line Attacks Morris Worm You can skip this ad in 5 seconds