91/69 Monday, February 16, 2026
Cybersecurity researchers have identified more than 300 Google Chrome extensions exhibiting spying and data-stealing behavior, affecting users worldwide with a combined total of over 37.4 million downloads. Network traffic analysis revealed that at least 153 of these extensions begin transmitting users’ browsing history and search engine queries immediately after installation. The collected data is sent to external servers, where it may be monetized through data brokers or potentially abused by malicious actors.
Particularly concerning is the use of advanced obfuscation techniques. Cybercriminals frequently disguise these malicious extensions as popular AI assistant tools, capitalizing on the growing demand for AI-powered utilities. These extensions are capable of modifying browser interfaces to manipulate user activity and can extract information from active tabs. Additionally, 15 extensions were specifically designed to target Gmail users, intercepting and copying email content before transmitting it to external systems-posing a severe risk to business confidentiality and personal privacy.
Given that Chrome and Gmail are widely used for both professional and personal activities, users should exercise heightened caution when installing browser extensions. It is essential to carefully review requested permissions and install extensions only from trusted developers. Any suspicious or unnecessary extensions should be removed immediately to reduce the long-term risk of data leakage.