The Hacker News

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and ...
SecurityWeek

Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant

A Chrome vulnerability allowed malicious extensions to hijack the browser’s Gemini Live assistant to spy on users and ...
Dark Reading

Bug in Google's Gemini AI Panel Opens Door to Hijacking

Attackers could have exploited the vulnerability to escalate privileges, violate user privacy while browsing, and access ...

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC

A bug in Google Chrome's Gemini AI feature could expose your data or allow attackers to monitor you. Here's how to stay ...

QuickLens Chrome extension steals crypto, shows ClickFix attack

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was ...
GitHub

OpenBankProject/API-Explorer-II

This application is used to explore OBP APIs and interact with the data and services in the context of the logged in user. API Explorer needs a Consumer Key / Secret to access the Open Bank Project ...
theregister

30+ Chrome extensions disguised as AI chatbots steal users' API keys, emails, other sensitive data

More than 30 malicious Chrome extensions installed by at least 260,000 users purport to be helpful AI assistants, but they steal users' API keys, email messages, and other personal data. Even worse: ...
GitHub

Valerian7/AI_JS_DEBUGGER

大模型API密钥(兼容OpenAI的API请求格式,如Qwen、deepseek、Chatgpt、Claude等,可自定义添加) AI_JS_DEBUGGER_0.4.0 ├── backend │ ├── app.py # Flask + Socket.IO 入口 │ ├── routes/ # 调试、配置 ...