Microsoft has shut down a long-running malicious extension operation on the Edge Add-ons store that hid its payloads inside ordinary image and font files, then woke up days after install to steal credentials and run ad fraud.
The company calls it StegoAd, a mash-up of steganography and adware, and ties 119 extensions to a single threat actor it says has been active since at least 2021.
source https://thehackernews.com/2026/06/microsoft-removes-119-edge-extensions.html
source https://thehackernews.com/2026/06/microsoft-removes-119-edge-extensions.html
