logo

Your Employees Logged In Without Issue; Attackers Logged In Too.

ID: 309d1115-3f65-5be1-ae8b-c67cc8686fc7

STIX ID: report--309d1115-3f65-5be1-ae8b-c67cc8686fc7

Feed Name: Security Boulevard

Threat Score
80/100

Date Published: 2026-06-25

Date Updated: 2026-06-26

Author: Christine Castro

...
...

Constella reports discovery of malicious Chrome extensions and widespread infostealer activity that continuously harvest and exfiltrate session cookies for enterprise HR/ERP and SaaS platforms; stolen cookies allow attackers to hijack authenticated sessions without triggering MFA or login events, enabling large-scale silent access (illustrated by the Snowflake incidents), and the report recommends cookie monitoring, session invalidation, and extension auditing to mitigate the threat.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.