Chrome Flaw Allowed Extensions to Hijack Google's AI Assistant, Camera and Microphone

A Chrome flaw let browser extensions silently hijack Google's Gemini AI assistant, accessing cameras, files and mics.


A high-severity security vulnerability in Google Chrome allowed malicious browser extensions to silently take control of the browser's built-in Gemini AI assistant, gaining access to cameras, microphones, local files, and screenshots, without users ever being asked for permission.

The flaw, tracked as CVE-2026-0628, affected Chrome's "Live in Chrome" panel, the embedded version of Google's Gemini AI assistant that runs as a privileged side panel within the browser. Because the panel is a trusted part of Chrome itself, users had no reason to suspect it could be quietly weaponised by a rogue extension running in the background.

Researchers found that an extension using a standard Chrome API called declarativeNetRequest could tamper with traffic to the Gemini panel when it loaded in that privileged context. Unlike a normal browser tab, the Gemini side panel can read local files, take screenshots, and access the camera and microphone to help automate tasks, and the vulnerability meant a basic, low-permission extension could inherit all of those capabilities.

In practice, that meant an attacker could activate your camera and microphone without any new consent prompt, browse your local files and directories, take screenshots of any website you visited, and even transform the Gemini panel into a convincing phishing interface designed to steal information.

Normally, extensions cannot control other browser components or extensions. This flaw broke that boundary entirely.

Google shipped a fix in early January 2026, so anyone running a fully updated version of Chrome is no longer at risk. However, users who have delayed updates, particularly those using the "Live in Chrome" feature, remain exposed until they upgrade.

The incident is a broader warning about the direction browser technology is heading. AI-powered browser assistants, including Gemini in Chrome, Copilot in Microsoft Edge, and others, are increasingly embedded with deep access to everything you see and do online. That makes them a highly attractive target for attackers looking for a single point of access to sensitive data.

How to protect yourself

Keeping Chrome updated is the single most important step. Beyond that, security researchers advise installing as few extensions as possible, sticking to those from identifiable, reputable developers, and being suspicious of any extension that requests new permissions after an update.

Watch out for unexpected behaviour too: a camera light activating without explanation, unusual screenshots, or Gemini-related processes accessing files they have no business touching are all potential warning signs.
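One concrete way to act on that advice, as an added defender-side example that is not from the article or from Malwarebytes: a Python script that flags installed extensions whose manifest declares the declarativeNetRequest permission family named above. It assumes Chrome's on-disk layout of `<profile>/Extensions/<id>/<version>/manifest.json`, and the sample manifest it ships with is constructed, not a real extension.

```python
"""Flag unpacked Chrome extension manifests that declare declarativeNetRequest access."""
import json
import sys
from pathlib import Path
from typing import List, Optional

# Manifest permission strings granting the declarativeNetRequest API family (the API named in the article).
DNR_PERMISSIONS = {"declarativeNetRequest", "declarativeNetRequestWithHostAccess",
                   "declarativeNetRequestFeedback"}

# Constructed sample manifest (not a real extension) so the script runs stand-alone.
SAMPLE_MANIFEST = {
    "name": "Sample Blocker", "version": "1.2",
    "permissions": ["storage", "declarativeNetRequest"],
    "host_permissions": ["<all_urls>"],
    "declarative_net_request": {"rule_resources": [{"id": "r1", "enabled": True, "path": "rules.json"}]},
}

def audit_manifest(manifest: dict) -> Optional[dict]:
    """Return a finding for one parsed manifest, or None if it declares no DNR permission."""
    perms = set(manifest.get("permissions", [])) | set(manifest.get("optional_permissions", []))
    dnr = sorted(perms & DNR_PERMISSIONS)
    if not dnr:
        return None
    return {
        "name": manifest.get("name", "?"),
        "dnr_permissions": dnr,
        # "<all_urls>" host access lets the extension act on every origin it sees.
        "all_urls": "<all_urls>" in manifest.get("host_permissions", []),
        "rulesets": len(manifest.get("declarative_net_request", {}).get("rule_resources", [])),
    }

def audit_extensions_dir(root: Path) -> List[dict]:
    """Walk <root>/<id>/<version>/manifest.json (Chrome's on-disk layout) and collect findings."""
    findings = []
    for path in sorted(root.glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue  # corrupt or unreadable manifest: skip it rather than abort the audit
        finding = audit_manifest(manifest)
        if finding:
            finding["id"] = path.parent.parent.name  # directory name is the extension id
            findings.append(finding)
    return findings

if __name__ == "__main__":
    # Usage: python audit_dnr.py <Chrome profile dir>/Extensions ; with no argument it audits the sample.
    results = audit_extensions_dir(Path(sys.argv[1])) if len(sys.argv) > 1 else [audit_manifest(SAMPLE_MANIFEST)]
    for finding in results:
        print(finding)
```

A hit is not proof of malice, since legitimate content blockers use the same API; it tells you which extensions deserve a closer look at who publishes them and what rules they ship.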

The vulnerability was discovered and reported responsibly by security researchers, with details published by Malwarebytes.
