(An Autonomous Body Recognized by Ministry of Commerce & Industry, Government of India)
Competency based placement focussed Education | Training | Research | Consultancy
Chrome Extensions Steal Sensitive Chat Data
Security researchers have publicly disclosed a discovery of two malicious Chrome browser extensions on the official Web Store that were engineered to exfiltrate sensitive user conversations from AI tools like OpenAI’s ChatGPT and DeepSeek. This incident has triggered fresh interest among R&D teams focused on secure AI integration and browser extension vetting, as attackers continue to blend conventional malware delivery with modern generative AI contexts. While the immediate risk involves the theft of AI conversation transcripts, which can reveal personally identifiable information or sensitive business intelligence, the broader implication is that developers and security researchers alike must rethink trust assumptions when AI interfaces interact with third-party extensions. Researchers warn that such automated exfiltration campaigns could evolve into supply chain-like attacks against AI systems, prompting accelerated work on anomaly detection frameworks capable of identifying altered extension behaviour in real time.
13-01-2026
📰 Recent News
- Belgium’s Cybersecurity Chief Warns of Growing Risk from U.S.-Centric Technologies
- UK Government Unveils £210M National Cyber Action Plan
- Chrome Extensions Steal Sensitive Chat Data
- IBM AI Agent ‘Bob’ Vulnerability Exposes Prompt Injection Risks
- eRaksha Hackathon Focuses on AI, IoT and Next-Gen Security Challenges
- Industry Report Highlights Growing AI Threat Surface
- Justice Dept. Exposes Insider Threats Within Security Community
- Critical MongoDB Vulnerability Exploited in the Wild, Warnings Issued
- ThreatsDay Bulletin Identifies New Malware and Botnets
- Researchers Identify First AI-Generated NFC Malware Campaign