Cybersecurity researchers have discovered a fake Google Chrome extension which steals credit card data via web forms on visited websites. The extension, by the title 'Reader Flash', is spread by means of JavaScript injection attacks, which display warnings like "You don't have Flash installed, use this Chrome extension instead". The extension had been reportedly available since February 2018.