Microsoft Warns About Malicious Chrome Extensions

Microsoft issued an alert after uncovering a wave of malicious Chromium-based browser extensions posing as AI assistant tools that secretly harvested browser data and AI chat content. Defender found nearly 900,000 installs and active impact across more than 20,000 enterprise tenants, including full URLs, internal site details, and ChatGPT chat snippets, creating substantial privacy and compliance risks for organizations.
Key Points
- 1Detected malicious Chromium extensions installed nearly 900,000 times, affecting more than 20,000 enterprise tenants worldwide.
- 2Collected full URLs and AI-chat fragments from sessions with ChatGPT and DeepSeek, exposing sensitive internal information.
- 3Recommend enterprises audit and restrict extensions, block malicious domains, and enforce approved AI tool policies.
Scoring Rationale
Official Microsoft investigation reveals broad enterprise exposure and actionable mitigations; novelty limited because extension-based exfiltration is established.
Sources
Public references used for this report.
Practice interview problems based on real data
1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems


