Malicious Chrome extensions posing as productivity tools were found stealing session tokens, blocking security controls, and enabling account takeover across popular enterprise HR and ERP platforms. A ...