In June, July and August, developers of the following Chrome extensions had their login credentials stolen through a phishing attack. The extensions affected are:
Web Developer – Versions 0.4.9 affected
Chrometana – Version 1.1.3 affected
Infinity New Tab – Version 3.12.3 affected
CopyFish – Version 2.8.5 affected
Web Paint – Version 1.2.1 affected
Social Fixer 20.1.1 affected
TouchVPN appears to have been affected but the version is unclear
Betternet VPN also appears to have been affected but no version was provided
Please see the Wordfence blog post for more details: