Critical Chrome Extension Flaws Compromise Millions of

Critical security flaws have been identified in the widely used Chrome extensions SiderAI and MaxAI. These vulnerabilities expose millions of users to significant risk, allowing attackers to fully compromise browser sessions and potentially access sensitive data across websites and even local systems.

Security researchers at Rebora Security uncovered vulnerabilities dubbed “Spyder” and “MaXSS” affecting AI-powered “agentic side panel” extensions.

These tools, designed to enhance browsing through AI-driven summaries and automation, are installed on more than 10 million devices across Chrome-compatible browsers.

Notably, SiderAI ranks among the top 25 extensions on the Chrome Web Store, highlighting the scale of exposure.

The vulnerabilities stem from insecure handling of communication between web pages and the extension’s internal components, particularly content scripts.

Vulnerabilities in Chrome extensions

In Chrome extensions, content scripts act as intermediaries between websites and the extension’s background processes.

While they are supposed to enforce strict isolation, both SiderAI and MaxAI failed to validate inputs received from web pages properly.

In the case of MaxAI, researchers found that malicious websites could send crafted messages to the extension’s content script, which would then forward them to the background process without proper verification.

This effectively allowed attackers to execute privileged actions such as opening hidden tabs, capturing screenshots, and interacting with user accounts.

In a demonstrated attack scenario, researchers accessed Gmail and Google Calendar sessions and extracted sensitive information without user awareness.

Similarly, the Spyder vulnerability in SiderAI enabled attackers to simulate user interactions such as clicks and keystrokes across embedded web sessions.

By abusing this capability, a malicious site could silently open services like Google Gemini, extract private AI conversation data, and leak it externally. This represents a severe breakdown of browser trust boundaries.

The impact of these flaws is extensive. Attackers could read emails, steal authentication tokens, manipulate documents, and execute actions on behalf of the user across virtually any website.

In some cases, the permissions granted to these extensions could even allow access to local files on the underlying operating system.

One of the most concerning aspects is that exploitation requires no user interaction beyond visiting a malicious webpage. This makes the attack vector both stealthy and highly scalable.

Rebora researchers reported the issues to the extension vendors, but received no response. Due to the severity, the findings were publicly disclosed, and Google, as the operator of the Chrome Web Store, was also notified.

Users are strongly advised to verify whether SiderAI or MaxAI are installed in their browsers and remove them immediately if present.

The incident underscores growing risks associated with AI-integrated browser extensions. It highlights how endpoint security is becoming a critical battleground in the evolving threat landscape.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.