T1567 5

• Malicious Chrome Extension Steals Meta Business Manager Exports and TOTP 2FA Seeds Feb 13, 2026
• Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover Nov 12, 2025
• Malicious Go Module Disguised as SSH Brute Forcer Exfiltrates Credentials via Telegram Aug 21, 2025
• Malicious Koishi Chatbot Plugin Exfiltrates Messages Triggered by 8-Character Hex Strings May 19, 2025
• Weaponizing OAST: How Malicious Packages Exploit npm, PyPI, and RubyGems for Data Exfiltration and Recon Jan 3, 2025