Hackers Are Using Fake AI Tools to Steal Your Data, and Millions Are Falling for It

Everyone wants the latest AI tools. Hackers know this, and they're using it against you.

A new security report reveals that fake AI browser extensions are flooding app stores, disguised as helpful AI assistants. They look legit. Some of them even work, at least on the surface. But behind the scenes, they're quietly stealing your passwords, browsing history, and personal data.

But that's not even the scariest part. Google just patched a serious vulnerability in its own Gemini AI built into the Chrome browser. The bug, rated 8.8 out of 10 on the severity scale, could have let malicious extensions hijack Gemini Live, Google's AI assistant that runs right inside Chrome. Basically, a bad extension could have taken over your AI assistant and used it against you.

Palo Alto Networks, one of the top cybersecurity firms in the world, published a detailed breakdown of how the attack works. In simple terms: a sketchy extension with basic permissions could have gained control of Google's AI features in your browser without you ever knowing.

On a slightly brighter note, Microsoft is tightening up security around its Copilot AI assistant. After customers reported that Copilot was accidentally including confidential files in its responses, Microsoft is rolling out new protections in April to prevent the AI from accessing sensitive documents.

The bottom line? Be extremely careful about which AI tools you install. Stick to well-known, verified extensions. If something seems too good to be true, it probably is.

As reported by Help Net Security.

Source: Help Net Security