anonym.legal
Atgal į BlogąAI Saugumas

[LT-05] After the 900K-User Malicious Extension...

[LT-05] In January 2026, two malicious Chrome extensions installed by 900K+ users exfiltrated complete ChatGPT and DeepSeek conversations every 30...

April 16, 20268 min skaityti
malicious Chrome extensionAI extension security auditextension trust verificationlocal processing architecture900K extension incident

[LT-05]

The January 2026 Incident

Two Chrome extensions discovered in January 2026 — "Chat GPT for Chrome with GPT-5, Claude Sonnet and DeepSeek AI" (600,000+ users) and "AI Sidebar with Deepseek, ChatGPT, Claude and more" (300,000+ users) — were found to be exfiltrating complete AI conversation histories every 30 minutes to a remote command-and-control server.

The extensions presented themselves as privacy and AI enhancement tools. Their Chrome Web Store descriptions emphasized user data protecti...

Susiję Straipsniai

AI Saugumas

AI Coding Assistants Leak Production PII

Unit test fixtures with real customer records. Log files with production data for debugging. GitHub found 39 million secrets leaked in 2024.

AI Saugumas

Internal Wiki PII: Confluence Customer Data

Support teams document processes with screenshots of customer accounts. Over 3 years, that's thousands of GDPR data minimization violations in your.

AI Saugumas

Screenshot PII: Leaks in Internal Tools

Slack, Teams, Jira, and email regularly receive screenshots containing customer PII. This access-control violation bypasses every DLP tool.

Pasiruošę apsaugoti savo duomenis?

Pradėkite anonimizuoti PII su 285+ subjektų tipais 48 kalbomis.

Pradėti Nemokamą Bandomąją VersijąPeržiūrėti Funkcijas