Ethical Hacking News
Researchers at Palo Alto Networks have disclosed a critical vulnerability in Google's Gemini Live AI assistant integrated into Chrome. The finding highlights the risk of overly permissive extension access and how a malicious extension could abuse it. The vulnerability, tracked as CVE-2026-0628, was patched in early January 2026, but users and developers should be aware of it to avoid similar exploits in the future.
The flaw allowed malicious extensions to inject JavaScript into the Gemini panel and perform complex multi-step actions without user consent. Its disclosure highlights the importance of monitoring for security flaws in AI browsers and in AI features added to existing browsers. A patch was released in early January 2026, but users should still be aware of the issue. Developers and users must prioritize security awareness, monitoring, and responsible disclosure practices to protect users from potential exploits.
The Gemini Live AI assistant was designed to give users real-time content summarization, automated task execution, and contextual assistance with the webpages they are viewing. Those features require privileged access to what users see and do in the browser, and that is what makes the flaw serious: a malicious extension that hijacks the panel inherits this deep integration and can perform complex multi-step actions without user consent, including phishing attacks, accessing local files and directories, taking screenshots of tabs showing any HTTPS website, and even controlling the camera and microphone without permission.
The underlying Chrome vulnerability, tracked as CVE-2026-0628, allowed a malicious extension holding the declarativeNetRequest permission to inject JavaScript into the Gemini panel. It was patched in early January 2026, but users and developers should be aware of it to avoid similar exploits in the future.
Researchers demonstrated how an ordinary extension could hijack the Gemini panel and carry out these actions. The disclosure underscores the importance of monitoring for security flaws in AI browsers and in AI features added to existing browsers. As more malicious or hijacked extensions appear in web stores, the risk grows, particularly in enterprise environments, where a rogue extension that can reach cameras, microphones, or local files poses a serious threat.
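As an added, defender-side example that is not from the article or from Palo Alto Networks: a small Python audit that rates extension manifests by whether they request the declarativeNetRequest permission the advisory names, and whether they combine it with broad host access, the combination an enterprise reviewer would want to see first. The manifests are constructed samples, and the declarativeNetRequestWithHostAccess name is a real Chrome permission added here that the page does not mention.

```python
import json
from typing import Dict, List

# The advisory names the declarativeNetRequest permission as the one abused to reach the
# Gemini panel; the WithHostAccess variant is a real Chrome permission name added here.
FLAGGED_PERMISSIONS = {"declarativeNetRequest", "declarativeNetRequestWithHostAccess"}
# Host patterns that reach every site the user visits.
BROAD_HOST_PATTERNS = {"<all_urls>", "*://*/*", "https://*/*", "http://*/*"}

def audit_manifest(name: str, raw_manifest: str) -> Dict:
    """Rate one extension's manifest.json text by the permission combination it requests."""
    try:
        manifest = json.loads(raw_manifest)
    except json.JSONDecodeError as exc:
        # An unparseable manifest cannot be cleared, so surface it rather than skipping it.
        return {"name": name, "severity": "error", "detail": f"invalid manifest: {exc.msg}"}
    api_perms = set(manifest.get("permissions", [])) | set(manifest.get("optional_permissions", []))
    hosts = set(manifest.get("host_permissions", [])) | set(manifest.get("optional_host_permissions", []))
    # Manifest V2 lists host patterns inside "permissions"; count those as host access too.
    hosts |= {p for p in api_perms if "://" in p or p == "<all_urls>"}
    flagged = sorted(api_perms & FLAGGED_PERMISSIONS)
    broad = bool(hosts & BROAD_HOST_PATTERNS)
    if flagged and broad:
        severity = "high"    # can rewrite requests on every origin the user visits
    elif flagged:
        severity = "medium"  # request rewriting limited to the listed hosts
    else:
        severity = "info"
    return {"name": name, "severity": severity, "flagged": flagged, "broad_hosts": broad}

def audit_all(manifests: Dict[str, str]) -> List[Dict]:
    """Audit several manifests (name -> manifest.json text), most severe finding first."""
    order = {"high": 0, "error": 1, "medium": 2, "info": 3}
    findings = [audit_manifest(name, raw) for name, raw in manifests.items()]
    return sorted(findings, key=lambda f: order[f["severity"]])

# Constructed sample manifests (not real extensions) covering each severity.
SAMPLE_MANIFESTS = {
    "tab-helper": '{"manifest_version": 3, "permissions": ["declarativeNetRequest", "tabs"],'
                  ' "host_permissions": ["<all_urls>"]}',
    "site-filter": '{"manifest_version": 3, "permissions": ["declarativeNetRequest"],'
                   ' "host_permissions": ["https://example.com/*"]}',
    "notes": '{"manifest_version": 3, "permissions": ["storage"]}',
    "broken": '{"manifest_version": 3, "permissions": [',
}

if __name__ == "__main__":
    for finding in audit_all(SAMPLE_MANIFESTS):
        print(f'{finding["severity"]:<6} {finding["name"]}: {finding}')
```

Point the audit at the manifest.json of each installed extension to get a triage list; a "high" finding is a candidate for review or an ExtensionSettings block, not proof of malice.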
While AI-powered browser features can improve user experience, they also introduce new risks that must be carefully considered and addressed. The responsible disclosure of this vulnerability to Google by Palo Alto Networks has helped prevent potential harm from this exploit. Nevertheless, it serves as a reminder for developers and users alike to remain vigilant in the face of emerging security threats.
In conclusion, this vulnerability highlights the importance of maintaining robust security measures when implementing AI-powered browser features. As AI browsers become increasingly prevalent, it is crucial that we prioritize security awareness, monitoring, and responsible disclosure practices to protect users from potential exploits.
Related Information:
https://www.ethicalhackingnews.com/articles/Ai-Browser-Vulnerability-Exposed-The-Risks-of-Gemini-Live-Hijacking-ehn.shtml
https://securityaffairs.com/188807/security/chrome-security-flaw-enabled-spying-via-gemini-live-assistant.html
https://www.securityweek.com/vulnerability-allowed-hijacking-chromes-gemini-live-ai-assistant/
https://nvd.nist.gov/vuln/detail/CVE-2026-0628
https://www.cvedetails.com/cve/CVE-2026-0628/
Published: Tue Mar 3 03:55:36 2026 by llama3.2 3B Q4_K_M