As AI features become deeply integrated into the browser's core, new security threats are emerging. Security researchers have identified a critical vulnerability in the Google Chrome browser, tracked as CVE-2026-0628, that allows malicious extensions to hijack the built-in Gemini Live AI panel and thereby obtain system-level permissions that were previously out of their reach.

The vulnerability was discovered by researchers from Unit 42, a division of Palo Alto Networks. Their investigation found that a malicious extension can manipulate how the browser processes sidebar requests, bypassing Chrome's security protection mechanisms. Once the Gemini panel is hijacked, the extension effectively "inherits" the AI assistant's elevated privileges, including activating the camera or microphone, reading sensitive local files, capturing screenshots, and even embedding phishing content within what appear to be legitimate dialog boxes.

"Since the Gemini application relies on performing legitimate operations, hijacking this panel allows the extension to gain access to system resources that are usually out of reach," noted security researcher Gal Weizman. This highlights how deeply integrating AI into the browser's core expands the attack surface: extensions that were once confined can now escalate their permissions by exploiting vulnerabilities in AI features.

Google has already fixed the vulnerability in the stable channel update released in early January. Affected users should ensure that their Chrome browser is upgraded to version 143.0.7499.192 or later.

The incident has also heightened industry concern about AI assistants holding excessive permissions. Research firm Gartner had previously advised organizations to avoid using "proxy" browsers that are deeply connected to the underlying system, arguing that the productivity gains from AI-driven automation may not outweigh the deep system risks they bring.

Key Points

  • 🛡️ Privilege Escalation Risk: Malicious extensions can exploit the CVE-2026-0628 vulnerability to hijack the Gemini panel and illegally access the camera and microphone and read local files.

  • 🛠️ Patch Released: Google has urgently fixed this vulnerability in version 143.0. Users should update promptly to protect themselves.

  • ⚠️ Risks of AI Integration: Deeply embedding AI assistants into the system's core is changing the threat model of browsers. Balancing convenience and security has become a new challenge.