Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

AI browser add-ons don't follow DLP rules and aren't recorded in SaaS systems. They run directly in browsers and can see everything a user does without any restrictions. AI extensions are 60% more likely to have security holes than regular extensions.

They often access cookies, run scripts from other computers, and give themselves a lot more permissions. LayerX says that these quick installations can go undetected for years. The report says that AI extensions are a new and urgent cybersecurity threat because they are quickly adopted, have higher levels of access, and are not closely monitored. The report stresses how important AI browser extensions are as a hidden way for people to use AI security that the industry has mostly ignored.

It might seem obvious that AI extensions are just as risky as other software upgrades.

But the evidence shows that this is not the case. According to this report, more than 60% of users have at least one extension that has changed its permissions in the last year. More than 10% of all extensions have fewer than 1,000 users, and 25% have fewer than 5,000.

Almost 40% of extensions haven't been updated in more than a year, which means they are no longer being actively maintained. If they don't get regular updates, they could have unpatched security holes and old code that bad actors could use to their advantage. LayerX says that the report shows CISOs a clear way forward: by looking at an old problem in a new way. The company also says that it shows how little oversight these extensions get compared to other software parts.

The report, which is free to download from the LayerX website, says that you should click here to download the full Extension Security report. This will help you understand the full scope of the problem, figure out where your organization is really at risk, and find a clear way to deal with this growing attack surface without slowing down productivity.

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

It might seem obvious that AI extensions are just as risky as other software upgrades.

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

Trending News

Top Node.js Maintainers Targeted in Sophisticated Social Engineering Scheme

Top Node.js Maintainers Targeted in Sophisticated Social Engineering Scheme

Threat Actors Abuse Claude Code Leak In GitHub Malware Campaign

Threat Actors Abuse Claude Code Leak In GitHub Malware Campaign

Russia's Forest Blizzard Nabs Rafts of Logins via SOHO Routers

Russia's Forest Blizzard Nabs Rafts of Logins via SOHO Routers

Russia's 'Fancy Bear' APT Continues Its Global Onslaught

Russia's 'Fancy Bear' APT Continues Its Global Onslaught

Orange Business Reimagines Enterprise Voice Communications With Trust and AI

Orange Business Reimagines Enterprise Voice Communications With Trust and AI

North Korean Hackers Compromise Widely Used Axios Package to Infect Windows, macOS, and Linux Systems

North Korean Hackers Compromise Widely Used Axios Package to Infect Windows, macOS, and Linux Systems

MuddyWater Turns to Russian Malware-as-a-Service in New ChainShell Campaign

MuddyWater Turns to Russian Malware-as-a-Service in New ChainShell Campaign

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

HPE Aruba Private 5G Platform Vulnerability Enables Credential Theft Attacks

HPE Aruba Private 5G Platform Vulnerability Enables Credential Theft Attacks

Hims Breach Exposes the Most Sensitive Kinds of PHI

Hims Breach Exposes the Most Sensitive Kinds of PHI