Hundreds of popular add‑ons used encrypted, URL‑sized payloads to send search queries, referrers, and timestamps to outside servers, in some cases tied to data brokers and unknown operators.
Attackers are impersonating ChatGPT, Gemini, and Grok.
More than 300,000 Chrome users have installed what looked like helpful AI add-ons that were actually data-stealing extensions, spread across roughly 30 fake tools. Anyone who has experimented with AI ...