anonym.legal
Rudi kwa BlogUsalama wa AI

Funguo za Siri Zinaharami Kupitia Ugani wa Chrome: Jinsi ya Kukamata

ChatGPT na Claude kupokea API funguo kuharami kupitia ugani wa Chrome. Utafiti 2025 unaonyesha 18 extensions na siri za siri. Jinsi ya kukamata.

February 21, 20266 dakika kusoma
Chrome extension securityAI chat theftChatGPT privacymalware

Utajwi wa Ugani

Ugani wa Chrome ni mlangoni wa simu yako. Wengi si salama.

Utafiti wa Palo Alto Networks hapa 2025 unaonyesha:

  • 18 extensions za kawaida zinakamata API funguo
  • 67% ya wafanyikazi hutumia extensions bila kumwambia IT
  • ChatGPT na Claude API funguo ni #1 lengo
  • 12% ya kampuni hazina sera ya extension

Nini Kinajadi

Ugani wa malicious (au salama-baada ugani na wanaorudi kuzuia) unaweza:

  1. Kamata API funguo kutoka kwenye DOM au localStorage
  2. Kupiga hati zote za mifumo
  3. Kusambaza data ya wazi kwenye seva za athari

Makala Zinazohusiana

Usalama wa AI

AI Coding Assistants Leak Production PII

Unit test fixtures with real customer records. Log files with production data for debugging. GitHub found 39 million secrets leaked in 2024.

Usalama wa AI

Internal Wiki PII: Confluence Customer Data

Support teams document processes with screenshots of customer accounts. Over 3 years, that's thousands of GDPR data minimization violations in your.

Usalama wa AI

Screenshot PII: Leaks in Internal Tools

Slack, Teams, Jira, and email regularly receive screenshots containing customer PII. This access-control violation bypasses every DLP tool.

Tayari kulinda data yako?

Anza kuanonymisha PII na aina 285+ za vitu katika lugha 48.

Anza Jaribio la BureTazama Vipengele