According to a recent LinkedIn post from 7AI, the company’s threat research team has identified what it describes as a long-running browser-based attack cluster dubbed CRXfiltrate affecting Chrome and Edge. The post describes more than 22 malicious extensions with over 85,000 installs, operating largely undetected inside authenticated corporate browser sessions.
Meet Samuel – Your Personal Investing Prophet
- Start a conversation with TipRanks’ trusted, data-backed investment intelligence
- Ask Samuel about stocks, your portfolio, or the market and get instant, personalized insights in seconds
The company’s LinkedIn post highlights that these extensions reportedly evade traditional enterprise defenses, including EDR tools and web proxies, by avoiding file drops and new processes and instead blending into normal browser traffic. The post also claims that one EDR platform had telemetry capable of detecting the activity, but the signal did not reach analysts, underscoring pipeline and visibility gaps.
For investors, the post suggests a growing security concern around browser-internal threats that may not be adequately covered by existing endpoint and network tools. If 7AI can position its offerings as effectively addressing this blind spot, the research could support demand for its technology, strengthen its credibility with security-conscious enterprises, and potentially enhance its competitive standing in the cybersecurity market.