Tag
This rule identifies the installation of potentially malicious browser extensions, which adversaries can leverage for persistence and unauthorized activity by monitoring file creation events in common browser extension directories on Windows systems.