chore: update feeds 2026-04-02

Author: github-actions[bot]

browser_extensions_list.csv

@@ -1,5 +1,5 @@
 browser_extension,browser_extension_id_wildcard,browser_extension_id,metadata_category,metadata_type,metadata_link,metadata_comment,crx_file_sha256
-"JSON Formatter","*bcjindcccaagfpapjjmafapmmgkkhgoa*","bcjindcccaagfpapjjmafapmmgkkhgoa","PUP","suspicious","https://chromewebstore.google.com/detail/json-formatter/bcjindcccaagfpapjjmafapmmgkkhgoa/reviews","https://x.com/wesbos/status/2039355472830939319?s=20",""
+"JSON Formatter","*bcjindcccaagfpapjjmafapmmgkkhgoa*","bcjindcccaagfpapjjmafapmmgkkhgoa","PUP","privacy","https://chromewebstore.google.com/detail/json-formatter/bcjindcccaagfpapjjmafapmmgkkhgoa/reviews","https://x.com/wesbos/status/2039355472830939319?s=20",""
 "","*nplfchpahihleeejpjmodggckakhglee*","plfchpahihleeejpjmodggckakhglee","malware","malicious","https://x.com/i/status/1907925793336078675","bank credential stealer",""
 "","*ckkjdiimhlanonhceggkfjlmjnenpmfm*","ckkjdiimhlanonhceggkfjlmjnenpmfm","malware","malicious","https://x.com/i/status/1907925793336078675","bank credential stealer",""
 "Chrome MCP Server - AI Browser Control","*fpeabamapgecnidibdmjoepaiehokgda*","fpeabamapgecnidibdmjoepaiehokgda","malware","malicious","https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/dbdcea6a9f5684a9268c39e60c667c5c9c06263b/2026-02-11-IOCs-for-RAT-disguinsed-as-AI-based-browser-extension.txt","RAT AI browser extension","0cbf101e96f6d5c4146812f07105f8b89bd76dd994f540470cd1c4bc37df37d5"

feeds/elastic_threat_intel.ndjson

@@ -1,7 +1,7 @@
 {
   "feed_name": "ExtSentry - Browser Extension Threat Intelligence",
   "feed_version": "1.0",
-  "generated": "2026-04-02T16:36:48Z",
+  "generated": "2026-04-02T17:32:28Z",
   "source": "https://github.com/mthcht/awesome-lists",
   "license": "TLP:CLEAR",
   "total_indicators": 1416,
@@ -23,7 +23,7 @@
       "extension_name": "JSON Formatter",
       "wildcard_pattern": "*bcjindcccaagfpapjjmafapmmgkkhgoa*",
       "category": "PUP",
-      "threat_type": "suspicious",
+      "threat_type": "privacy",
       "reference_url": "https://chromewebstore.google.com/detail/json-formatter/bcjindcccaagfpapjjmafapmmgkkhgoa/reviews",
       "description": "https://x.com/wesbos/status/2039355472830939319?s=20",
       "crx_sha256": null,

feeds/extsentry_feed.json

@@ -1,5 +1,5 @@
 extension_id,extension_name,wildcard_pattern,category,threat_type,reference_url,description,chrome_webstore_url,severity,crx_sha256,first_seen,feed_source
-bcjindcccaagfpapjjmafapmmgkkhgoa,JSON Formatter,*bcjindcccaagfpapjjmafapmmgkkhgoa*,PUP,suspicious,https://chromewebstore.google.com/detail/json-formatter/bcjindcccaagfpapjjmafapmmgkkhgoa/reviews,https://x.com/wesbos/status/2039355472830939319?s=20,https://chromewebstore.google.com/detail/bcjindcccaagfpapjjmafapmmgkkhgoa,medium,,2026-04-02,ExtSentry (github.com/mthcht/awesome-lists)
+bcjindcccaagfpapjjmafapmmgkkhgoa,JSON Formatter,*bcjindcccaagfpapjjmafapmmgkkhgoa*,PUP,privacy,https://chromewebstore.google.com/detail/json-formatter/bcjindcccaagfpapjjmafapmmgkkhgoa/reviews,https://x.com/wesbos/status/2039355472830939319?s=20,https://chromewebstore.google.com/detail/bcjindcccaagfpapjjmafapmmgkkhgoa,low,,2026-04-02,ExtSentry (github.com/mthcht/awesome-lists)
 plfchpahihleeejpjmodggckakhglee,bank credential stealer,*nplfchpahihleeejpjmodggckakhglee*,malware,malicious,https://x.com/i/status/1907925793336078675,bank credential stealer,https://chromewebstore.google.com/detail/plfchpahihleeejpjmodggckakhglee,critical,,2026-04-02,ExtSentry (github.com/mthcht/awesome-lists)
 ckkjdiimhlanonhceggkfjlmjnenpmfm,bank credential stealer,*ckkjdiimhlanonhceggkfjlmjnenpmfm*,malware,malicious,https://x.com/i/status/1907925793336078675,bank credential stealer,https://chromewebstore.google.com/detail/ckkjdiimhlanonhceggkfjlmjnenpmfm,critical,,2026-04-02,ExtSentry (github.com/mthcht/awesome-lists)
 fpeabamapgecnidibdmjoepaiehokgda,Chrome MCP Server - AI Browser Control,*fpeabamapgecnidibdmjoepaiehokgda*,malware,malicious,https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/dbdcea6a9f5684a9268c39e60c667c5c9c06263b/2026-02-11-IOCs-for-RAT-disguinsed-as-AI-based-browser-extension.txt,RAT AI browser extension,https://chromewebstore.google.com/detail/fpeabamapgecnidibdmjoepaiehokgda,critical,0cbf101e96f6d5c4146812f07105f8b89bd76dd994f540470cd1c4bc37df37d5,2026-04-02,ExtSentry (github.com/mthcht/awesome-lists)

feeds/extsentry_ioc_feed.csv

@@ -5,7 +5,7 @@
     "analysis": "2",
     "distribution": "3",
     "date": "2026-04-02",
-    "timestamp": "1775147808",
+    "timestamp": "1775151149",
     "published": false,
     "uuid": "41ef2090-fab5-547e-9eb6-2aa8f195c66f",
     "Orgc": {
@@ -33,14 +33,14 @@
         "category": "Other",
         "to_ids": false,
         "value": "bcjindcccaagfpapjjmafapmmgkkhgoa",
-        "comment": "JSON Formatter | Category: PUP | Type: suspicious | https://x.com/wesbos/status/2039355472830939319?s=20",
+        "comment": "JSON Formatter | Category: PUP | Type: privacy | https://x.com/wesbos/status/2039355472830939319?s=20",
         "distribution": "5",
         "Tag": [
           {
             "name": "extsentry:category=\"PUP\""
           },
           {
-            "name": "extsentry:type=\"suspicious\""
+            "name": "extsentry:type=\"privacy\""
           }
         ]
       },
@@ -24252,7 +24252,7 @@
           {
             "object_relation": "text",
             "type": "text",
-            "value": "suspicious",
+            "value": "privacy",
             "comment": "Threat Type",
             "to_ids": false
           },