Summary

Malicious AI browser extensions have been found collecting chat histories and browsing data from platforms like ChatGPT and DeepSeek. This campaign has affected nearly 900,000 users and over 20,000 enterprise tenants.

Key Points

• Malicious browser extensions targeted platforms such as ChatGPT and DeepSeek.
• Nearly 900,000 installations of these extensions have been recorded.
• The campaign impacted more than 20,000 enterprise tenants.
• The issue underscores the risk of data exposure through browser extensions.

Analysis

The widespread installation and impact on enterprise tenants highlight the significant threat posed by malicious browser extensions. By harvesting chat histories and browsing data, these extensions can lead to severe data breaches and privacy violations. This incident emphasizes the need for heightened scrutiny and security measures regarding browser extensions, especially those involving AI and LLM platforms.

Conclusion

IT professionals should conduct regular audits of browser extensions used within their organizations and educate users on the risks associated with installing unverified extensions. Implementing strict policies on extension installations can mitigate potential data exposure risks.