Cybersecurity firm Expel highlighted the threat in a detailed analysis published on 24 March, warning that certain extensions operating within Google Chrome can quietly monitor inputs typed into AI platforms and relay them to external servers. The activity, often undetected by users, has prompted fears that confidential business information, proprietary code and personal data may be at risk.
The technique, described by analysts as “prompt interception” or “prompt poaching”, exploits the privileged access granted to browser extensions. Once installed, these add-ons can read and modify webpage content, including text entered into chat interfaces powered by systems such as ChatGPT and other generative AI tools. While extensions are commonly used to enhance productivity, security experts say the same permissions can be abused for surveillance.
Researchers observed that some extensions transmit captured data to remote endpoints in near real time. In certain cases, the data flows are disguised as routine analytics traffic, making detection more difficult for both users and enterprise security teams. Analysts noted that even extensions with benign descriptions or high user ratings could be repurposed after updates, raising questions about long-term trust in browser add-ons.
The issue comes amid a surge in workplace adoption of generative AI, where employees routinely input sensitive information into chatbots to draft documents, analyse data or generate code. Security specialists warn that this behaviour expands the attack surface significantly. “Users are effectively pasting internal knowledge into third-party systems, and extensions can act as silent intermediaries capturing that data,” one analyst said.
Technology companies have tightened policies governing extension permissions, but enforcement remains uneven. Google has introduced measures such as manifest version updates and stricter review processes for its Chrome Web Store. However, experts argue that malicious actors continue to find ways to bypass safeguards, including by initially publishing compliant versions of extensions before introducing harmful code in later updates.
Industry observers say the threat is not limited to Chrome. Other browsers built on similar architectures may also be vulnerable, particularly if they support the same extension ecosystem. The broader concern centres on how browser-based tools interact with AI services, where large volumes of user-generated content pass through interfaces that can be accessed by third-party scripts.
Corporate cybersecurity teams are increasingly scrutinising browser environments as part of their defensive strategies. Some organisations have begun restricting the installation of unapproved extensions or deploying browser isolation technologies to limit exposure. Others are advising staff to avoid entering confidential information into AI tools unless they are operating within secure, enterprise-managed environments.
The emergence of prompt interception reflects a wider pattern of attackers targeting the human-AI interaction layer rather than the underlying models themselves. Unlike traditional data breaches, which often involve network intrusions or database compromises, this approach focuses on capturing information at the point of input. Analysts say this makes it harder to detect using conventional security tools.
Regulatory attention is also beginning to shift towards the risks associated with AI usage. Policymakers in several jurisdictions are examining how data protection frameworks apply to generative AI platforms and the ecosystems surrounding them. Questions are being raised about user consent, data ownership and the responsibilities of platform providers in preventing unauthorised data collection.
At the same time, developers of legitimate extensions argue that overly restrictive policies could stifle innovation. Many tools rely on deep integration with web content to provide features such as summarisation, translation or workflow automation. Striking a balance between functionality and security remains a challenge for browser vendors and regulators alike.
Follow Arabian Post
Select Arabian Post as your preferred source on Google and MSN News for trusted business news and Arab politics and updates.
