What happened
LayerX published research showing AI browser extensions are 60% more likely to have a vulnerability than average extensions, 3x more likely to access cookies, 2.5x more likely to execute remote scripts, and 6x more likely to escalate their permissions over time. 15% of enterprise users have an AI extension installed, and these extensions bypass DLP controls and SaaS logs entirely.
Why it matters
AI browser extensions represent a blind spot in enterprise security postures. They have direct access to everything employees see and type, yet are invisible to traditional security monitoring. The dynamic permission escalation makes static allowlists ineffective.
Applicability
CISOs and security teams should immediately audit AI browser extension usage across the organisation, implement browser-level governance policies, and consider browser security platforms that can monitor extension behaviour in real time.
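
One way to start the audit described above, as an added example that is not from LayerX or the original page: compare each extension's current manifest permissions against the set recorded when it was approved, so an allowlisted extension that later gains cookie or scripting access is flagged. The extension names, the sample manifests and the choice of which permissions count as high-risk are assumptions constructed for illustration.

```python
# Chrome manifest.json keys that can carry permissions (MV2 and MV3).
PERMISSION_KEYS = ("permissions", "optional_permissions",
                   "host_permissions", "optional_host_permissions")
# Assumption: this example's own selection of high-risk API permissions.
HIGH_RISK = {"cookies", "scripting", "webRequest", "tabs", "history", "clipboardRead"}
# Host patterns that match every site.
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}


def declared(manifest):
    """Every permission the manifest grants now or may request later."""
    found = set()
    for key in PERMISSION_KEYS:
        found.update(p for p in manifest.get(key, []) if isinstance(p, str))
    return found


def risky(manifest):
    """High-risk API permissions and all-site host patterns in one manifest."""
    return sorted(p for p in declared(manifest) if p in HIGH_RISK or p in BROAD_HOSTS)


def escalations(baseline, current):
    """Map extension id -> risky permissions added since the approved baseline."""
    report = {}
    for ext_id, manifest in current.items():
        # An extension with no baseline entry was never approved: report all of it.
        approved = set(risky(baseline.get(ext_id, {})))
        added = [p for p in risky(manifest) if p not in approved]
        if added:
            report[ext_id] = added
    return report


# Constructed sample data: parsed manifests as approved, then after an auto-update.
BASELINE = {
    "example-ai-helper": {"version": "1.0", "permissions": ["storage", "activeTab"]},
    "example-notes": {"version": "2.1", "permissions": ["storage"]},
}
CURRENT = {
    "example-ai-helper": {"version": "1.4",
                          "permissions": ["storage", "activeTab", "cookies", "scripting"],
                          "host_permissions": ["<all_urls>"]},
    "example-notes": {"version": "2.2", "permissions": ["storage"]},
}

if __name__ == "__main__":
    for ext_id, added in escalations(BASELINE, CURRENT).items():
        print(f"{ext_id}: new high-risk permissions since approval: {', '.join(added)}")
```

Optional permissions are counted because an extension can request them at runtime without a new install prompt for the organisation to review.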