The rush to integrate Generative AI into daily workflows has opened a dangerous new front in the cyber security war, one that's hiding in plain sight: the humble browser extension. New research from Palo Alto Networks security experts, Shresta Seetharam, Mohamed Nabeel, and William Melicher, reveals a disturbing trend of malicious GenAI-themed Chrome extensions being used for sophisticated data exfiltration and harmful redirection schemes.
The findings, presented at the Virus Bulletin Conference, detail how cybercriminals are exploiting the GenAI hype to push malicious add-ons, often impersonating legitimate services like DeepSeek AI or Perplexity Search, to bypass security measures and steal sensitive user data.
