More than 300 Chrome extensions were found to be leaking browser data, spying on users, or stealing user information.

Hundreds of popular add‑ons used encrypted, URL‑sized payloads to send search queries, referrers, and timestamps to outside servers, in some cases tied to data brokers and unknown operators.

The Chrome Web Store has been infested with dozens of malicious browser extensions claiming to provide AI assistant functionality but that secretly are siphoning off personal information from victims.