Blog

Or Eshed Published - June 04, 2025

Sleeper Sound: LayerX Uncovers Malicious “Sleeper” Sound Management Extensions with Nearly 1.5 Million Users Worldwide

  LayerX has unearthed network of malicious “sleeper agent” extensions that appear to serve as infrastructure for future malicious activity, currently installed on nearly 1.5 million users worldwide.   LayerX has discovered a network of browser extensions that appear to serve as ‘sleeper agents’ for future malicious activity. The extensions appear to have all been […]

Learn More
Sleeper Sound: LayerX Uncovers Malicious “Sleeper” Sound Management Extensions with Nearly 1.5 Million Users Worldwide
Home Blog
The Cost of Convenience: Inside the Scandal That Exposed Messaging Apps as a New Security Frontier
Executive Viewpoint

The Cost of Convenience: Inside the Scandal That Exposed Messaging Apps as a New Security Frontier

  In a tech world obsessed with growth, innovation, and speed, few stories hit as hard as the unfolding battle between two of the industry’s most prominent competitors: Rippling and Deel. Both are high-flying HR tech unicorns, shaping the future of global workforce management and payroll. But beneath their polished pitches and billion-dollar valuations, a […]

Or Eshed - May 05, 2025 Read more
What Coinbase Got Wrong—And How You Can Get It Right
Executive Viewpoint

What Coinbase Got Wrong—And How You Can Get It Right

  Let’s be honest, when most people think of a “cyberattack,” they picture hoodie-clad hackers hammering away at firewalls from some dark basement. But reality? It’s much less cinematic and a lot more dangerous. The truth is, sometimes the threat is already logged in. That’s what makes insider threats so devastating. They don’t break down […]

Or Eshed - May 05, 2025 Read more
Introducing ExtensionPedia: Your Ultimate Resource to Assess and Mitigate Browser Extension Risks
LayerX Labs

Introducing ExtensionPedia: Your Ultimate Resource to Assess and Mitigate Browser Extension Risks

LayerX is proud to announce the launch of ExtensionPedia, the Browser Extension Risk Database and Knowledge Center, for immediate general availability! Browser extensions significantly enhance productivity, streamline workflows, and personalize user experiences. Yet, beneath their convenience lies a hidden threat—malicious extensions posing serious risks to identity security, data privacy, and organizational integrity. The Hidden Risks […]

Or Eshed - May 05, 2025 Read more
LayerX Reveals 40+ Malicious Browser Extensions
LayerX Labs

LayerX Reveals 40+ Malicious Browser Extensions

LayerX has identified over 40 malicious browser extensions that are part of three distinct phishing campaigns. The initial detection of this campaign was done by the DomainTools Intelligence (DTI) team, who identified a list of suspicious domains that were communicating with browser extensions masquerading as legitimate brands. However, while the research by DTI provided a […]

Michelle Warburg - May 05, 2025 Read more
Introducing Full Conversation Tracking: The Next Step in GenAI Data Protection
LayerX Labs

Introducing Full Conversation Tracking: The Next Step in GenAI Data Protection

GenAI Security – Or Insecurity – Is In Your Hands GenAI tools like ChatGPT, Gemini, and Copilot are hot topics among employees. Their adoption is growing among the enterprise employees, as expected, while the software developers are of the highest consumers of GenAI, with almost 40% and sales and marketing professionals are just after with […]

Michelle Warburg - May 05, 2025 Read more
Scaling a Smarter, Safer Browser Future
Company News

Scaling a Smarter, Safer Browser Future

The enterprise browser is no longer just a portal to the web, it’s the nerve center of modern work. Recognizing this shift, LayerX set out to rethink how enterprises secure the place where work actually happens. Today we’re excited to share a major milestone on our journey: LayerX has extended its Series A funding by […]

Or Eshed - April 04, 2025 Read more
Gartner: The Browser is the new Security Control Point for the SaaS Age
Executive Viewpoint

Gartner: The Browser is the new Security Control Point for the SaaS Age

Secure Enterprise Browsers (SEBs) and browser extensions aren’t just add-ons, they’re critical for addressing security gaps that traditional EDR and network solutions miss. Gartner’s latest report makes it clear: if your security stack isn’t focused on the browser, you’re leaving the door wide open. In today’s enterprise environment, securing the browser isn’t optional, it’s fundamental. […]

Or Eshed - April 04, 2025 Read more
Copy, Paste, Escape: The growing risk of fileless data movement and risk in browsers
LayerX Labs

Copy, Paste, Escape: The growing risk of fileless data movement and risk in browsers

In the modern corporate environment, web browsers have become indispensable tools for daily operations. Recent studies indicate that the average employee spends over 85% of their workday using a browser. This heavy reliance on browsers, while enhancing productivity, also introduces significant security challenges, particularly concerning fileless data movement. As security and DLP experts face daily […]

Michelle Warburg - March 03, 2025 Read more
LayerX Labs Identifies New Phishing Campaign Targeted at Mac Users
LayerX Labs

LayerX Labs Identifies New Phishing Campaign Targeted at Mac Users

A new phishing attack campaign, targeting Mac users and identified by LayerX Labs, shows the trials and tribulations of combating online phishing, and how attacks morph and shift in response to adaptations by security tools. For the past few months, LayerX has been monitoring a sophisticated phishing campaign that initially targeted Windows users by masquerading […]

Or Eshed - March 03, 2025 Read more
The Enterprise GenAI Data Security Report 2025: How Enterprises Consume GenAI Tools
LayerX Labs

The Enterprise GenAI Data Security Report 2025: How Enterprises Consume GenAI Tools

GenAI has become an essential component in the employee toolkit. Yet, going beyond bombastic headlines such as these, actual quantitative data about how AI applications are being used remains surprisingly scarce. At LayerX, our enterprise browser extension provides us with visibility into users’ activities in the browser, where GenAI application usage takes place. We can […]

Or Eshed - March 03, 2025 Read more
LayerX’s Enterprise GenAI Security Report 2025: Exposing Hidden AI Security Blind Spots
Press Releases

LayerX’s Enterprise GenAI Security Report 2025: Exposing Hidden AI Security Blind Spots

New York, February 27, 2025 – LayerX Security, a leader in user-first browser extensions for enterprise security, has released its Enterprise GenAI Security Report 2025, delivering insights into how organizational users interact with Generative AI tools and where hidden security gaps emerge. Based on real-life telemetry data from LayerX’s enterprise customers, the report offers a […]

Or Eshed - February 02, 2025 Read more
Attack Campaign Targeting Browser Extensions: What Happened, Who’s Impacted, How to Protect Yourself, and How LayerX Can Help (Rolling Updates)
LayerX Labs

Attack Campaign Targeting Browser Extensions: What Happened, Who’s Impacted, How to Protect Yourself, and How LayerX Can Help (Rolling Updates)

Last updated: December 30th, 2024 This blog thread is tracking the unfolding global attack campaign targeting browser extensions on the Chrome Web Store. We will update new details as they become available. Summary On December 27, 2024, cybersecurity startup Cyberhaven disclosed that an attack has compromised its browser extension and injected malicious code into it. […]

Or Eshed - December 12, 2024 Read more
How a Simple DocuSign Email Could Have Cost Us Everything: A Close Call with Phishing
LayerX Labs

How a Simple DocuSign Email Could Have Cost Us Everything: A Close Call with Phishing

During the past few weeks, LayerX Labs identified a phishing campaign that impersonates legitimate DocuSign emails, attempting to trick victims into revealing sensitive information. Here’s what happened, and how LayerX prevented a potential security disaster. It started like any other Monday morning. Sarah, a senior account manager (a fictional character for illustration purposes), was going […]

Or Eshed - November 11, 2024 Read more
LayerX Labs Identifies New AI Attack Vector: GPT Masquerading Attacks
LayerX Labs

LayerX Labs Identifies New AI Attack Vector: GPT Masquerading Attacks

LayerX Labs has identified a novel attack vector for malicious actors to try and extract sensitive data from unsuspecting users: GPT Masquareding Attacks.  In this attack, hackers impersonate legitimate GPTs hosted on OpenAI’s ChatGPT platform in order to lure users to fake versions of those GPTs and send the data that users share with the […]

Or Eshed - October 10, 2024 Read more
LayerX Labs Identifies New Zero-Hour Phishing Attack Mimicking Microsoft Security Notifications
LayerX Labs

LayerX Labs Identifies New Zero-Hour Phishing Attack Mimicking Microsoft Security Notifications

LayerX Labs identified a new zero-day phishing campaign that impersonates Microsoft security notifications to lure victims into sharing their login credentials and payment details.  The attack mimics a Microsoft Windows Defender security alert, urging users to call a hotline number, enter their credentials, and provide payment to the call center to ‘secure’ their computer.  This […]

Or Eshed - October 10, 2024 Read more
Security Best Practices in the Aftermath of the Snowflake Data Breach
Executive Viewpoint

Security Best Practices in the Aftermath of the Snowflake Data Breach

Data warehousing giant Snowflake disclosed on May 23, 2024, that they experienced a data breach affecting at least 165 of its customers. Since Snowflake’s customers are industry giants such as LiveNation and Santander Bank, this incident is already shaping up to be one of the most significant data breaches in history. Snowflake has not yet […]

Or Eshed - July 07, 2024 Read more
The TLS Paradox: How Traffic Encryption Is Actually Leaving You Exposed
Executive Viewpoint

The TLS Paradox: How Traffic Encryption Is Actually Leaving You Exposed

Web traffic encryption (AKA SSL, TLS, HTTPS) has long been the norm for most web services, particularly so for corporate SaaS applications such as Salesforce, Microsoft Outlook 365, and Skype. To help protect this traffic from eavesdropping and potential sensitive data exposure, end-to-end encryption is a critical and effective security measure for reducing risk. Organizations, […]

Or Eshed - June 06, 2024 Read more
What is Shadow IT?
Executive Viewpoint

What is Shadow IT?

Shadow IT is the phenomenon of employees using IT systems, devices, software, applications, and services within an organization without explicit approval from the IT department. Employees usually choose this path when the available IT solutions provided by their organization do not meet their needs, are too cumbersome, or are perceived as inefficient. As a result, […]

Or Eshed - January 01, 2024 Read more
LayerX Now Available in the Microsoft Azure Marketplace
Company News

LayerX Now Available in the Microsoft Azure Marketplace

Microsoft Azure customers worldwide now gain access to LayerX to take advantage of the scalability, reliability, and agility of Azure to drive application development and shape business strategies. LayerX Security, a leading provider of enterprise browser security solutions, today announced the availability of its browser security extension LayerX in the Microsoft Azure Marketplace, an online […]

Or Eshed - January 01, 2024 Read more
What is URL Filtering?
Executive Viewpoint

What is URL Filtering?

URL filtering is the security process for blocking or allowing access to specific websites based on their URLs. The primary objective is to prevent users from accessing content that is deemed inappropriate, harmful, or not related to their tasks. This widely popular Internet usage policy is often implemented in various environments, from workplaces to educational […]

Or Eshed - January 01, 2024 Read more
Malicious Browser Extensions: Threats and Security Solutions
Executive Viewpoint

Malicious Browser Extensions: Threats and Security Solutions

In 2019, a network of browser extensions, primarily for Chrome, was revealed to have been scraping sensitive data from as many as four million users. The scraped data included PII, browsing history, medical information, and more. The data was then monetized through a commercialization scheme. This breach became known as the DataSpii incident, and it […]

Or Eshed - December 12, 2023 Read more
BYOD Alternatives for Your Enterprise
Executive Viewpoint

BYOD Alternatives for Your Enterprise

BYOD (Bring Your Own Device) has become a popular strategy for many enterprises, aiming to blend the convenience of personal devices with professional requirements. But is BYOD able to live up to its promise for increased flexibility and heightened productivity? In reality, BYOD introduces serious cybersecurity challenges. This is not to say BYOD shouldn’t be […]

Or Eshed - December 12, 2023 Read more
The Importance of a DLP Solution for Your Enterprise
Executive Viewpoint

The Importance of a DLP Solution for Your Enterprise

Data Loss Prevention (DLP) solutions help enterprises protect sensitive information from unauthorized access or exfiltration. For example, ensuring that intellectual property, personal information, financial records, and health records, are not lost, misused, or accessed by unauthorized individuals. As such, DLPs are a key solution in the organization’s cybersecurity strategy and stack. This blog post dives […]

Or Eshed - December 12, 2023 Read more
The Future of Enterprise Browsers
Executive Viewpoint

The Future of Enterprise Browsers

With businesses shifting to cloud-based services and remote or hybrid work becoming ubiquitous, the web browser has become the central hub of enterprise productivity. As such, it also requires dedicated security controls. Enterprise browsers and extensions are the security solutions that protect against web-borne threats and risks that exploit the browser. In this blog post, […]

Or Eshed - November 11, 2023 Read more
Virtual Desktop Infrastructure Alternatives you Should Consider
Executive Viewpoint

Virtual Desktop Infrastructure Alternatives you Should Consider

Virtual Desktop Infrastructure Alternatives you Should Consider Virtual Desktop Infrastructure (VDI) is a remote connectivity technology that operates by hosting a user’s desktop environment on a remote server/virtual machine. This makes the desktop accessible from any device with an internet connection. With VDIs, organizations get flexibility for remote work, since VDIs free employees from having […]

Or Eshed - October 10, 2023 Read more
Shadow IT in the Hybrid Work Era
Executive Viewpoint

Shadow IT in the Hybrid Work Era

Globalization and cloudification have enabled the adoption of remote and hybrid work models. This new workstyle provides businesses and employees with unprecedented flexibility, access to a global talent pool, and the ability to expand to new markets, among several other benefits. However, it has also driven a new risky practice: Shadow IT. “Shadow IT” is […]

Or Eshed - October 10, 2023 Read more
Secure Browsing Practices For Your Business
Executive Viewpoint

Secure Browsing Practices For Your Business

Enterprise Security Secure Web Browsing

In recent years, the browser has become the core working interface. However, web-borne cyber attacks and data breaches can compromise sensitive data, disrupt business operations, and even lead to financial losses. IT teams are responsible for implementing robust cybersecurity practices controls that protect against malware, ransomware, phishing attacks, pasting sensitive data into ChatGPT, and other […]

Or Eshed - September 09, 2023 Read more
Taming the Wild Web with Browser Security: A CISO’s Perspective
Executive Viewpoint

Taming the Wild Web with Browser Security: A CISO’s Perspective

The browser security industry is rapidly gaining prominence and capturing significant attention in the cybersecurity landscape. A number of browser security companies have been established as an answer to the market’s demand for securing the most popular organizational workspace. Without browser security solutions, CISOs are left to trust cloud security solutions, which were designed to […]

Ira Winkler - July 07, 2023 Read more
Malicious Chrome Extensions You Should Remove from Your Browser
Executive Viewpoint

Malicious Chrome Extensions You Should Remove from Your Browser

Secure Web Browsing

Chrome extensions are small software programs that can be added to the Google Chrome web browser to enhance its functionality and customize their browsing experience. They are typically developed by third-party developers and can be found in the Chrome Web Store. But while Chrome extensions offer numerous benefits, they can also pose potential vulnerabilities to […]

Or Eshed - July 07, 2023 Read more
Why are Security Leaders Moving from Browser Isolation to Browser Security Extension Solutions?
Executive Viewpoint

Why are Security Leaders Moving from Browser Isolation to Browser Security Extension Solutions?

DLP Secure Web Browsing

More and more security decision makers have come to realize that the browser is the ultimate frontline against multiple cyber threats. This insight has led them to add Browser Isolation solutions to their security stacks. However, we have lately witnessed an increasing trend of security professionals who are moving away from these solutions and towards […]

Or Eshed - July 07, 2023 Read more
How to Detect and Protect Your Business from Phishing Attacks
Executive Viewpoint

How to Detect and Protect Your Business from Phishing Attacks

DLP

In recent years, businesses have witnessed a concerning rise in phishing attacks. According to the Verizon DBIR 2023, phishing is one of three primary ways in which attackers access an organization. These deceptive tactics exploit human vulnerabilities, tricking employees into revealing sensitive information or granting unauthorized access to cybercriminals. As a result, they pose a […]

Or Eshed - July 07, 2023 Read more
New Research: How Risky is GenAI Data Exposure Risk?
Executive Viewpoint

New Research: How Risky is GenAI Data Exposure Risk?

Generative AI Secure Web Browsing

As an industry leader in browser security, we are committed to shedding light on the risks associated with revolutionary technologies, like GenAI tools. Our latest research, “Revealing the True GenAI Data Exposure Risk”, provides critical insights into the scope and nature of these risks. Specifically, we examine the troubling risk of data exfiltration through GenAI. […]

Or Eshed - June 06, 2023 Read more
Cyber Security Risks of ChatGPT and Generative AI Tools
Executive Viewpoint

Cyber Security Risks of ChatGPT and Generative AI Tools

Enterprise Security

Generative AI tools like ChatGPT are taking the world by storm. Like any new technology, CISOs need to find a way to embrace the opportunities while protecting the organization from generative AI and ChatGPT risks. Let’s explore the opportunities and security best practices in this article. What is Generative AI? Generative AI is a type […]

Or Eshed - May 05, 2023 Read more
2023 Browser Security Survey Report: Key Findings
Executive Viewpoint

2023 Browser Security Survey Report: Key Findings

Enterprise Security Secure Web Browsing

As the adoption of SaaS continues to soar, the browser has become the key work interface in today’s corporate world. However, this heavy reliance on browsers also exposes organizations to a range of cybersecurity threats and operational risks they need to protect against. To gain insights into how CISOs are managing these security challenges, we […]

Or Eshed - May 05, 2023 Read more
The Importance of Browser Security in Financial Companies
Executive Viewpoint

The Importance of Browser Security in Financial Companies

Enterprise Security

Financial firms have not been exempt from the spur in cybersecurity attacks. According to the 2022 Verizon DBIR report, “The Financial sector continues to be victimized by financially motivated organized crime, often via the actions of Social (Phishing), Hacking (Use of stolen credentials) and Malware (Ransomware).” Therefore, to protect and secure customer data and meet […]

Or Eshed - May 05, 2023 Read more
Protecting Your Company’s Data Crown Jewels: How to Solve ChatGPT Security Risks with LayerX Browser Security Platform
Executive Viewpoint

Protecting Your Company’s Data Crown Jewels: How to Solve ChatGPT Security Risks with LayerX Browser Security Platform

Enterprise Security

With ChatGPT being 1.16 billion users strong, it has become an inseparable part of many people’s lives. This significant user base requires security and IT teams to find and implement a solution in their stack that can protect the organization from its potential security vulnerabilities.  This is not a hypothetical risk; numerous reports of potential […]

Or Eshed - May 05, 2023 Read more
Malicious iPhone application distributed using sophisticated desktop malvertising campaign
LayerX Labs

Malicious iPhone application distributed using sophisticated desktop malvertising campaign

Secure Web Browsing

In the last few years, both attackers and defenders have increased their capabilities in the infinite cat-and-mouse game. Attackers have scaled their phishing operations for stealing credentials and identities. Defenders have adopted a zero trust security approach in which users often use their mobile devices to authenticate into their desktop applications. The chase goes on. […]

Or Eshed - April 04, 2023 Read more
The Dark Side of Enterprise Browsers: Fact-Checking 6 of Their Claims
Executive Viewpoint

The Dark Side of Enterprise Browsers: Fact-Checking 6 of Their Claims

Enterprise Security Secure Web Browsing

In 2022 there was tremendous hype around browser security and enterprise browsers. But while they claim to provide “enterprise grade security”, enterprise browsers are actually far from perfect. In fact, they have some critical downsides. What are they and what’s the alternative? In this blog I will distinguish between browser security and enterprise browsers, address […]

Or Eshed - March 03, 2023 Read more
2023 Browser Security Annual Report Reveals Emerging Browsing Risks and Blind Spots that Security Teams Must Address
Executive Viewpoint

2023 Browser Security Annual Report Reveals Emerging Browsing Risks and Blind Spots that Security Teams Must Address

Secure Web Browsing

As we spend more time online, the security of our browsers has become increasingly important. Our browsers are the gatekeepers to the vast amount of information available on the internet, and protecting them from threats is crucial to keeping organizations’ data safe. In the “2023 Browser Security Annual Report” (download the full report here), we […]

Or Eshed - March 03, 2023 Read more
Top 5 Browsers – How Secure Are They for Your Business?
Executive Viewpoint

Top 5 Browsers – How Secure Are They for Your Business?

Secure Web Browsing

New year, new cyber threats. Experts predict that consumer data will be at high risk this year, and attackers are likely to get it through attacks on large corporations and financial institutions, among others. As you assess your security going into 2023, you’ll want to make sure all the bases are covered, including browser security. […]

Or Eshed - January 01, 2023 Read more
Reputation-based Security is Not Working. What Now?
Executive Viewpoint

Reputation-based Security is Not Working. What Now?

DLP Secure Web Browsing

In the past couple of years, we have witnessed unprecedented growth in cyber attacks originating from the web: phishing schemes, social engineering, malware sites and other malicious attacks. One of the main security services offered on the market nowadays for user protection against these threats is reputation-based URL filters. Reputation-based security services determine the security […]

Or Eshed - January 01, 2023 Read more
Mitigate the LastPass Attack Surface in your Environment with the LayerX Free Tool
Executive Viewpoint

Mitigate the LastPass Attack Surface in your Environment with the LayerX Free Tool

Secure Web Browsing

The latest breach announced by LastPass is a major cause for concern to security stakeholders. As often occurs, we are at a security limbo – on one hand, as LastPass has noted, users followed LastPass best practices would practically be exposed to zero to extremely low risk. However, saying that password best practices are not […]

Or Eshed - December 12, 2022 Read more
The Rise of Phishing and How to Protect Your Organization From Advanced Attacks
Executive Viewpoint

The Rise of Phishing and How to Protect Your Organization From Advanced Attacks

DLP Secure Web Browsing

What is Phishing? Phishing is a type of cybersecurity attack in which malicious actors disguise themselves as a trusted person, website or other entity and interact directly with the victim through messages. The bad actors use these messages to obtain sensitive information or deploy malicious software on the victim’s infrastructure. In an organization, once a phishing […]

Or Eshed - December 12, 2022 Read more
Browser Isolation Out; Browser Security In
Executive Viewpoint

Browser Isolation Out; Browser Security In

Enterprise Security Secure Web Browsing

With 80% of web attacks being browser-borne, organizations are constantly exposed to various attacks when employees use their browser. These include drive-by downloads, malvertising, malicious code injection, cross site scripting and many others. As a result, organizations are constantly searching for effective ways to protect against web-borne  risks, threats and attacks. Some organizations turn to […]

Or Eshed - November 11, 2022 Read more
Why We Built LayerX: Picking Up Where Legacy Browser Security Fails
Company News

Why We Built LayerX: Picking Up Where Legacy Browser Security Fails

Enterprise Security Secure Web Browsing

The idea to build a browser security platform has been on my mind for several years. In the last decade, I have seen and experienced the browser security world from both sides of the barricade. First, during my service as an information warfare specialist in the IDF Intelligence directorate, and then in my career as […]

Or Eshed - November 11, 2022 Read more