While much of the conversation about AI security centers on defending against 'shadow' AI and GenAI usage, there is a wide-open window that no one is guarding: AI browser extensions.
A new report from LayerX exposes just how deep this blind spot goes, and why AI extensions may be the most dangerous AI risk surface in your network that is not on anyone's radar.
AI browser extensions do not trigger your DLP and do not show up in your SaaS logs. They live inside the browser itself, with direct access to everything your employees see, type, and stay logged into. AI extensions are 60% more likely to have a vulnerability than extensions on average, are 3 times more likely to have access to cookies, 2.5 times more likely to be able to execute remote scripts in the browser, and 6 times more likely to have elevated their permissions in the past 12 months. These extensions install in seconds and can remain in your environment indefinitely.
The Browser Extension Threat Surface Is Everyone, But No One Is Watching
The first misconception is that extensions are a niche risk. Something limited to a subset of users or edge cases. That assumption is completely wrong.
According to the report, 99% of enterprise users run at least one browser extension, and more than a quarter have over 10 installed. This is not a long-tail problem; it is universal.
Yet most organizations cannot answer basic questions. Which extensions are in use? Who installed them? What permissions do they have? What data can they access?
Security teams have spent years building visibility into networks, endpoints, and identities. Ironically, browser extensions remain a major blind spot.

AI Extensions Are The AI Usage Channel That Nobody Talks About
While much of the current conversation around AI security focuses on SaaS platforms and APIs, this report highlights a completely different and largely overlooked channel: AI browser extensions.
These tools are spreading quickly. About 1 in 6 enterprise users already use at least one AI extension, and that number is only growing.

Organizations may block or monitor direct access to AI applications. But extensions operate differently. They sit inside the browser. They can access page content, user inputs, and session data without triggering traditional controls.
In effect, they create an ungoverned layer of AI usage, one that bypasses visibility and policy enforcement.
AI Extensions Are Not Just Popular. They Are Riskier
It would be easy to assume that AI extensions carry a similar risk to other extensions. The data shows otherwise.
AI extensions are significantly more dangerous. They are 60% more likely to have a CVE than average, 3x more likely to have access to cookies, 2.5x more likely to have scripting permissions, and 2x more likely to be able to manipulate browser tabs.
Each of these permissions carries real implications. Cookie access can expose session tokens. Scripting enables data extraction and manipulation. Tab control can facilitate phishing or silent redirection.
This combination of fast adoption, elevated access, and weak governance makes AI extensions an urgent emerging threat vector.
Extensions Are Not Static. They Change Over Time
Security teams often treat extensions as static. Something that can be approved once and forgotten. But that’s not how it works.
Extensions evolve. They receive updates. They change ownership. They expand permissions.
The report shows that AI extensions are nearly six times more likely to change their permissions over time, and that more than 60% of users have at least one AI extension that has changed its permissions in the past year.
This creates a moving target that traditional allowlists cannot keep up with. An extension that was safe yesterday may not be safe today.

The Trust Gap in Browser Extensions Is Wider Than Expected
Security teams rely on a range of trust signals to evaluate extensions, including publisher transparency, install counts, update frequency, and the presence of a privacy policy. While these do not directly indicate malicious behavior, they are key to assessing overall risk.
A significant portion of extensions have very low user bases. More than 10% of all extensions have fewer than 1,000 users, a quarter have fewer than 5,000 users, and a third have fewer than 10,000 installations. This is particularly a challenge with AI extensions, where 33% of AI extensions have fewer than 5,000 users, and nearly 50% of AI extensions have fewer than 10,000 users. A large user base is essential for establishing ongoing trust, but once again, AI extensions show substantially higher risk.
Moreover, around 40% of extensions haven't received an update in over a year, suggesting that they are no longer actively maintained. Extensions that are not regularly updated may contain unresolved vulnerabilities or outdated code that attackers can exploit.
As a result, most extensions used in enterprise environments show weak or missing signals across these areas. This raises serious questions about data handling and compliance. It also highlights how little scrutiny extensions receive compared to other software components.

Turning Insight into Action: The Path Forward for CISOs
The report outlines a clear direction for security teams:
- Continuously Audit The Organization’s Extension Threat Surface: With 99% of enterprise users running at least one extension, a full inventory is a mandatory first step toward risk reduction. CISOs should do an organization-wide extension audit covering all browsers, managed and unmanaged endpoints, across all users.
- Apply Targeted Security Controls to AI Extensions: AI extensions represent an outsized risk due to their elevated permissions that can expose SaaS sessions, identities, and sensitive in-browser data. Organizations should apply stricter governance policies to control how these extensions interact with enterprise environments.
- Analyze Extension Behavior, Not Just Static Parameters: Static approvals are not sufficient. Risk needs to be continuously assessed based on permissions, behavior, and changes over time.
- Enforce Trust and Transparency Requirements: Extensions that have very low install counts, lack privacy policies, or show poor maintenance history should be treated as higher risk. Establishing minimum trust criteria helps reduce exposure to unverified or abandoned extensions.
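The four steps above can be turned into a small, repeatable audit. The following is an added example, not LayerX's tooling or the report's scoring method: it reads each extension's parsed manifest.json permissions, compares them against the snapshot from the previous audit to catch permission drift, applies the minimum trust criteria (install base, maintenance age, privacy policy), and ranks extensions for review. The permission weights, the review threshold, the audit date, and the two-extension inventory are all constructed for illustration.

```python
from datetime import date

# Weights for the permissions the report singles out (constructed, not LayerX's scoring):
# cookies = session tokens; scripting = page injection/extraction; tabs = redirection; <all_urls> = every site.
PERMISSION_WEIGHTS = {"cookies": 3, "scripting": 3, "tabs": 2, "<all_urls>": 2}
AUDIT_DATE = date(2025, 6, 1)  # constructed audit date for the sample run

def manifest_permissions(manifest):
    """Collect API and host permissions from a parsed manifest.json (Manifest V3 keys)."""
    return set(manifest.get("permissions", [])) | set(manifest.get("host_permissions", []))

def trust_flags(meta, today):
    """Minimum trust criteria: install base, maintenance history, privacy policy."""
    flags = []
    if meta["users"] < 5000:
        flags.append("low_install_base")
    if (today - date.fromisoformat(meta["last_updated"])).days > 365:
        flags.append("unmaintained")
    if not meta.get("privacy_policy"):
        flags.append("no_privacy_policy")
    return flags

def assess(ext_id, previous, current, meta, today):
    """Score one extension from current permissions, drift since the last snapshot, and trust flags."""
    perms = manifest_permissions(current)
    drift = sorted(perms - manifest_permissions(previous))  # permissions added since the last audit
    flags = trust_flags(meta, today)
    score = sum(PERMISSION_WEIGHTS.get(p, 0) for p in perms) + 2 * len(drift) + len(flags)
    return {"id": ext_id, "score": score, "new_permissions": drift,
            "trust_flags": flags, "needs_review": score >= 6}

def audit(inventory, today):
    """Assess every inventoried extension, highest risk first."""
    results = [assess(i, e["previous"], e["current"], e["meta"], today) for i, e in inventory.items()]
    return sorted(results, key=lambda r: r["score"], reverse=True)

# Constructed sample inventory: an AI writing assistant that widened its permissions, and a stable utility.
SAMPLE_INVENTORY = {
    "ai-writer-example": {
        "previous": {"permissions": ["activeTab", "storage"]},
        "current": {"permissions": ["activeTab", "storage", "cookies", "scripting"],
                    "host_permissions": ["<all_urls>"]},
        "meta": {"users": 1200, "last_updated": "2024-03-01", "privacy_policy": False},
    },
    "tab-saver-example": {
        "previous": {"permissions": ["storage", "tabs"]},
        "current": {"permissions": ["storage", "tabs"]},
        "meta": {"users": 250000, "last_updated": "2025-04-15", "privacy_policy": True},
    },
}
```

Running `audit(SAMPLE_INVENTORY, AUDIT_DATE)` ranks the AI extension first: it gained cookie, scripting and all-site host access since the last snapshot and fails all three trust criteria, while the stable utility scores low enough to skip review.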
A New Lens On An Old Problem
For years, browser extensions have been treated as a convenience feature. Something to enable productivity and customization. However, they are no longer a peripheral risk. They are a core part of the enterprise attack surface. Widely used, highly privileged, and largely unmonitored, they create direct exposure to sensitive data and user sessions.
Download the full Extension Security report from LayerX to understand the full scope of these findings, identify where your exposure truly lies, and get a clear path to controlling this growing attack surface without disrupting productivity.