{"id":10661,"date":"2026-02-14T10:03:46","date_gmt":"2026-02-14T10:03:46","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/02\/14\/malicious-chrome-ai-extensions-attacking-260000-users-via-injected-iframes\/"},"modified":"2026-02-14T10:03:46","modified_gmt":"2026-02-14T10:03:46","slug":"malicious-chrome-ai-extensions-attacking-260000-users-via-injected-iframes","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/02\/14\/malicious-chrome-ai-extensions-attacking-260000-users-via-injected-iframes\/","title":{"rendered":"Malicious Chrome AI Extensions Attacking 260,000 Users via Injected IFrames"},"content":{"rendered":"<p>    Malicious Chrome AI Extensions Attacking 260,000 Users via Injected IFrames<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>\n<p>A coordinated campaign is using <a href=\"https:\/\/cybersecuritynews.com\/16-malicious-chrome-extensions-as-chatgpt-enhancements\/\" target=\"_blank\" rel=\"noreferrer noopener\">malicious Chrome extensions<\/a> that impersonate popular AI tools like ChatGPT, Claude, Gemini, and Grok.<\/p>\n<p>These fake \u201cAI assistants\u201d spy on users through injected, remote-controlled iframes, turning helpful browser add-ons into surveillance tools. More than 260,000 users have installed these extensions.<\/p>\n<p>Security researchers identified at least 30 Chrome extensions promoted as AI tools for summarizing, chatting, translating, generating images, and <a href=\"https:\/\/cybersecuritynews.com\/gemini-deep-research-tool-gmail\/\" target=\"_blank\" rel=\"noreferrer noopener\">boosting Gmail productivity<\/a>.<\/p>\n<p>Although they use different names and icons, they share the same codebase, permissions, and backend infrastructure, confirming a single organized operation.<\/p>\n<p>Some extensions were even marked as \u201cFeatured\u201d in the Chrome Web Store, increasing trust and downloads.<\/p>\n<p>Here is the malicious extensions table in a clean format:<\/p>\n<figure class=\"wp-block-table is-style-stripes\">\n<table class=\"has-fixed-layout\">\n<thead>\n<tr>\n<th class=\"has-text-align-left\" data-align=\"left\">Extension ID<\/th>\n<th class=\"has-text-align-left\" data-align=\"left\">Name<\/th>\n<th class=\"has-text-align-left\" data-align=\"left\">Installs<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">nlhpidbjmmffhoogcennoiopekbiglbp<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">AI Assistant<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">50,000<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">gcfianbpjcfkafpiadmheejkokcmdkjl<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Llama<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">147<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">fppbiomdkfbhgjjdmojlogeceejinadg<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Gemini AI Sidebar<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">80,000<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">djhjckkfgancelbmgcamjimgphaphjdl<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">AI Sidebar<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">9,000<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">llojfncgbabajmdglnkbhmiebiinohek<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">ChatGPT Sidebar<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">10,000<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">gghdfkafnhfpaooiolhncejnlgglhkhe<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">AI Sidebar<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">50,000<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">cgmmcoandmabammnhfnjcakdeejbfimn<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Grok<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">261<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">phiphcloddhmndjbdedgfbglhpkjcffh<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Asking Chat Gpt<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">396<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">pgfibniplgcnccdnkhblpmmlfodijppg<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">ChatGBT<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">1,000<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">nkgbfengofophpmonladgaldioelckbe<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Chat Bot GPT<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">426<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">gcdfailafdfjbailcdcbjmeginhncjkb<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Grok Chatbot<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">225<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">ebmmjmakencgmgoijdfnbailknaaiffh<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Chat With Gemini<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">760<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">baonbjckakcpgliaafcodddkoednpjgf<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">XAI<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">138<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">fdlagfnfaheppaigholhoojabfaapnhb<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Google Gemini<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">7,000<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">gnaekhndaddbimfllbgmecjijbbfpabc<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Ask Gemini<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">1,000<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">hgnjolbjpjmhepcbjgeeallnamkjnfgi<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">AI Letter Generator<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">129<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">lodlcpnbppgipaimgbjgniokjcnpiiad<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">AI Message Generator<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">24<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">cmpmhhjahlioglkleiofbjodhhiejhei<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">AI Translator<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">194<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">bilfflcophfehljhpnklmcelkoiffapb<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">AI For Translation<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">91<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">cicjlpmjmimeoempffghfglndokjihhn<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">AI Cover Letter Generator<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">27<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">ckneindgfbjnbbiggcmnjeofelhflhaj<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">AI Image Generator Chat GPT<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">249<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">dbclhjpifdfkofnmjfpheiondafpkoed<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Ai Wallpaper Generator<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">289<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">ecikmpoikkcelnakpgaeplcjoickgacj<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Ai Picture Generator<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">813<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">kepibgehhljlecgaeihhnmibnmikbnga<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">DeepSeek Download<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">275<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">ckicoadchmmndbakbokhapncehanaeni<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">AI Email Writer<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">64<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">fnjinbdmidgjkpmlihcginjipjaoapol<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Email Generator AI<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">881<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">gohgeedemmaohocbaccllpkabadoogpl<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">DeepSeek Chat<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">1,000<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">flnecpdpbhdblkpnegekobahlijbmfok<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">ChatGPT Picture Generator<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">251<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">acaeafediijmccnjlokgcdiojiljfpbe<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">ChatGPT Translate<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">30,000<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">kblengdlefjpjkekanpoidgoghdngdgl<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">AI GPT<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">20,000<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">idhknpoceajhnjokpnbicildeoligdgh<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">ChatGPT Translation<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">1,000<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">fpmkabpaklbhbhegegapfkenkmpipick<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Chat GPT for Gmail<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">1,000<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n<h1 class=\"wp-block-heading\" id=\"h-how-the-extensions-work\"><strong>How the Extensions Work<\/strong><\/h1>\n<p>When one extension is removed, attackers quickly upload a clone with a new name and ID, a tactic known as \u201cextension spraying.\u201d<\/p>\n<p>Instead of running AI features locally, the extensions load a full-screen iframe from attacker-controlled domains such as tapnetic[.]pro.<\/p>\n<figure class=\"wp-block-image size-large\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh7RODL4JIx9-ErA62FXZmoAM7ddO4UZlFOi9rjZzTA0KETXSo87nKLlKfv-Hzp1pAn3eFNzK7Kwu8l44OMcv6jcbuaxfgck6R-S-hBgwhQP4582aQPsS1YrWz8SAPPhvMAeNj_WfLIvtZ4Jvo1fxLj49dVuNo4F4FccsbwO2QTcdb0_evpz9G-0j_FgHc\/s1600\/Screenshot%25202026-02-13%2520183713%2520%25281%2529.webp?ssl=1\" alt=\"IFrame Injection (Source: Layerx Security)\"><figcaption class=\"wp-element-caption\"><em>IFrame Injection (Source: Layerx Security)<\/em><\/figcaption><\/figure>\n<p>This allows operators to change functionality remotely without updating the extension in the <a href=\"https:\/\/cybersecuritynews.com\/google-to-remove-two-certificate-authorities\/\" target=\"_blank\" rel=\"noreferrer noopener\">Chrome Web Store.<\/a><\/p>\n<p>Once installed, the extensions can: Extract readable content from active tabs, including authenticated pages.<\/p>\n<p>Capture voice input using the Web Speech API. Track installs and uninstalls using hidden telemetry. A Gmail-focused cluster of 15 extensions injects scripts directly into mail. google[.]com.<\/p>\n<p>These scripts monitor page changes and repeatedly collect visible email content, including threads, drafts, and replies, and send it to attacker-controlled servers.<\/p>\n<figure class=\"wp-block-image size-large\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhGvHDFncyt4uKIYd4hXtxSP3Yty8_ibMFX23x61G6ROf0zwnySoFH-81WqPoXcv8iuiVKZpeI26pUXV0AEri7X_Wecc7hA1OaaeWOZdcfVmOEdu_w7W3GWmWb4SY74UFF_zoyihiQNdQ2HNnIKYWhz1quPSCC7BW-ANYW7pONJtXWPrKDr3rjFrRJqLfM\/s1600\/Screenshot%25202026-02-13%2520183734%2520%25281%2529.webp?ssl=1\" alt=\"Tapnetic.pro subdomains \u2013 VirusTotal.com (Source: LayerxSecurity)\"><figcaption class=\"wp-element-caption\"><em>Tapnetic.pro subdomains \u2013 VirusTotal.com (Source: LayerxSecurity)<\/em><\/figcaption><\/figure>\n<p>All identified extensions communicate with domains under tapnetic[.]pro and onlineapp[.]pro.<\/p>\n<p>Each extension uses themed subdomains (such as chatgpt. tapnetic[.]pro or gemini. tapnetic[.]pro), but connects to the same backend system.<\/p>\n<p>When one high-install extension was removed in February 2025, an identical replacement appeared within weeks using the same malicious architecture.<\/p>\n<p><a href=\"https:\/\/layerxsecurity.com\/blog\/aiframe-fake-ai-assistant-extensions-targeting-260000-chrome-users-via-injected-iframes\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">According to LayerxSecurity researcher<\/a>, the campaign also relies on multiple Gmail accounts to manage and publish extensions.<\/p>\n<h1 class=\"wp-block-heading\" id=\"h-tactics-and-defender-guidance\"><strong>Tactics and Defender Guidance<\/strong><\/h1>\n<figure class=\"wp-block-table is-style-stripes\">\n<table class=\"has-fixed-layout\">\n<thead>\n<tr>\n<th class=\"has-text-align-left\" data-align=\"left\">Tactic<\/th>\n<th class=\"has-text-align-left\" data-align=\"left\">Technique Code<\/th>\n<th class=\"has-text-align-left\" data-align=\"left\">Technique Name<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">Resource Development<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">LX2.003 (T1583)<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Acquire Infrastructure<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">Initial Access<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">LX3.004 (T1189)<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Drive-by Compromise<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">Initial Access<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">LX3.003 (T1199)<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Trusted Relationship<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">Execution<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">LX4.003<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Script Execution<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">Defense Evasion<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">LX7.011 (T1036)<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Masquerading<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">Credential Access<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">LX8.007 (T1557)<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Adversary-in-the-Middle<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">Collection<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">LX10.012<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Web Communication Data Collection<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">Collection<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">LX10.005<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Collect User\u2019s Information<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">Command and Control<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">LX11.004<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Establish Network Connection<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">Command and Control<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">LX11.005<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Web Service-Based C2<\/td>\n<\/tr>\n<tr>\n<td class=\"has-text-align-left\" data-align=\"left\">Exfiltration<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">LX12.001<\/td>\n<td class=\"has-text-align-left\" data-align=\"left\">Data Exfiltration<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<\/figure>\n<p>The operation uses brand impersonation, malicious browser extensions, and web-based <a href=\"https:\/\/cybersecuritynews.com\/shelby-malware-steal-data-abusing-github\/\" target=\"_blank\" rel=\"noreferrer noopener\">command-and-control infrastructure.<\/a><\/p>\n<p>By relying on remote iframes, attackers bypass install-time reviews and maintain full control after deployment.<\/p>\n<p>Defenders should: Audit AI-branded Chrome extensions in their environments. Monitor for suspicious iframe injection and unusual Gmail DOM access.<\/p>\n<p>Watch for outbound traffic to tapnetic[.]pro and related domains. Prioritize runtime monitoring over static extension reviews.<\/p>\n<p>Organizations should treat <a href=\"https:\/\/cybersecuritynews.com\/exploiting-sora-ai-malware-delivery\/\" target=\"_blank\" rel=\"noreferrer noopener\">AI-themed browser<\/a> extensions with caution and enforce strict extension management policies.<\/p>\n<p class=\"has-text-align-center has-background\" style=\"background:linear-gradient(180deg,rgb(238,238,238) 94%,rgb(169,184,195) 100%)\"><strong>Follow us on <a href=\"https:\/\/news.google.com\/publications\/CAAqMggKIixDQklTR3dnTWFoY0tGV041WW1WeWMyVmpkWEpwZEhsdVpYZHpMbU52YlNnQVAB?hl=en-IN&amp;gl=IN&amp;ceid=IN:en\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Google News<\/a>, <a href=\"https:\/\/www.linkedin.com\/company\/cybersecurity-news\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">LinkedIn<\/a>, and <a href=\"https:\/\/x.com\/cyber_press_org\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">X<\/a> for daily cybersecurity updates. <a href=\"https:\/\/cybersecuritynews.com\/contact-us\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Contact us<\/a> to feature your stories.<\/strong><\/p>\n<p>The post <a href=\"https:\/\/cybersecuritynews.com\/chrome-ai-extensions-attacking-users\/\">Malicious Chrome AI Extensions Attacking 260,000 Users via Injected IFrames<\/a> appeared first on <a href=\"https:\/\/cybersecuritynews.com\/\">Cyber Security News<\/a>.<\/p>\n<\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Abinaya<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/cybersecuritynews.com\/chrome-ai-extensions-attacking-users\/\">Go to cyber-security-news<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Malicious Chrome AI Extensions Attacking 260,000 Users via Injected IFrames A coordinated campaign is using malicious Chrome extensions that impersonate popular AI tools like ChatGPT, Claude, Gemini, and Grok. These fake \u201cAI assistants\u201d spy on users through injected, remote-controlled iframes, turning helpful browser add-ons into surveillance tools. More than 260,000 users have installed these extensions. [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[167,768,129,63],"tags":[130],"class_list":["post-10661","post","type-post","status-publish","format-standard","hentry","category-ai","category-chrome","category-cyber-security","category-cyber-security-news","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/10661"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=10661"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/10661\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=10661"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=10661"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=10661"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}