Over ten million people might face major online threats following the discovery of severe weaknesses in two common AI-based Chrome add-ons, SiderAI and MaxAI. Though designed to assist with summaries and automated tasks, these tools were found carrying dangerous bugs – dubbed “Spyder” and “MaXSS” – by analysts at Rebora Security during a routine check of such software. Once exploited, either flaw lets unauthorized parties hijack active browsing activities.
Information saved on sites, along with files on personal devices, may become reachable without permission. While built for convenience through side panels and smart responses, their broad adoption across Chromium-linked browsers amplifies how far harm could spread. Despite appearing helpful, the underlying structure allows invasive access when misused.
One of the leading tools on the Chrome Web Store, SiderAI sits in the top quarter of all extensions by popularity.
A recent analysis revealed flaws in how SiderAI and MaxAI managed data flow between sites and their inner workings, especially involving content scripts. Although these scripts should serve as controlled messengers – keeping site code apart from backend logic – the boundaries blurred in practice. Messages sent by web pages entered without sufficient checks. Because verification steps were missing, untrusted inputs could move deeper into the system than intended.
A flaw in MaxAI allowed harmful sites to transmit manipulated data directly to its content script.
Though meant to relay information, the system passed these signals onward – into the background process – with little checking. Because of this gap, unauthorized users gained access to powerful functions. Hidden tabs appeared without warning, snapshots of screens were captured, site interactions occurred – all while riding on logged-in accounts. Security weakened when trust was misplaced across internal components.
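The pattern described above, a content script that forwards whatever the page posts into the background script, is shown below in an added example that is not code from SiderAI, MaxAI, or Rebora Security. The unchecked relay is contrasted with a hardened one that verifies the sending window and origin, allowlists message types, and rebuilds the payload before passing it on. The message type names, origins, and sample events are constructed for illustration, and the extension-side transport is passed in as a `send` callback so the logic runs outside a browser (in a real content script it would be `chrome.runtime.sendMessage`).

```javascript
// Added example (not SiderAI/MaxAI code): a content-script "bridge" that
// relays window.postMessage() traffic from the page to the extension's
// background script, in an unchecked form and a hardened form.

// Message types the background script is willing to receive from a page.
// Constructed allowlist; the names are hypothetical.
const ALLOWED_TYPES = new Set(["summarize_selection", "get_page_title"]);

// Origins permitted to talk to the bridge. Constructed example value.
const ALLOWED_ORIGINS = new Set(["https://app.example-extension.test"]);

// Unchecked relay: the pattern the article describes. Anything the page
// posts is forwarded verbatim, so the background script ends up trusting
// the page as if it were part of the extension.
function uncheckedRelay(event, send) {
  send(event.data);
  return { forwarded: true, reason: "no checks" };
}

// Hardened relay: returns a decision object and only calls `send` when
// every check passes. `event` mirrors the MessageEvent fields used here:
// { origin, source, data }; `win` is the content script's own window.
function checkedRelay(event, win, send) {
  // 1. The message must come from this frame's own page, not from a child
  //    iframe or an opener. In a browser this is `event.source === window`.
  if (event.source !== win) {
    return { forwarded: false, reason: "unexpected source window" };
  }
  // 2. The origin must be on the allowlist; a missing origin is rejected too.
  if (!ALLOWED_ORIGINS.has(event.origin)) {
    return { forwarded: false, reason: `origin not allowed: ${event.origin}` };
  }
  // 3. The payload must be a plain object carrying a known message type.
  const data = event.data;
  if (typeof data !== "object" || data === null || Array.isArray(data)) {
    return { forwarded: false, reason: "payload is not an object" };
  }
  if (typeof data.type !== "string" || !ALLOWED_TYPES.has(data.type)) {
    return { forwarded: false, reason: `type not allowed: ${String(data.type)}` };
  }
  // 4. Rebuild the message instead of forwarding the page's object, so extra
  //    fields (a tab id, a URL to open, a capture flag) never reach the
  //    background script even when the type itself is allowed.
  const text = typeof data.text === "string" ? data.text.slice(0, 4096) : "";
  const sanitized = { type: data.type, text };
  send(sanitized);
  return { forwarded: true, reason: "ok", message: sanitized };
}

// Constructed sample events standing in for what a page might post.
const CONTENT_WINDOW = { name: "content-script-window" }; // stand-in for `window`
const SAMPLE_EVENTS = {
  legitimate: {
    origin: "https://app.example-extension.test",
    source: CONTENT_WINDOW,
    data: { type: "summarize_selection", text: "hello" },
  },
  privilegedRequest: {
    origin: "https://untrusted.example", // constructed placeholder origin
    source: CONTENT_WINDOW,
    data: { type: "open_hidden_tab", url: "https://mail.example" },
  },
  smuggledFields: {
    origin: "https://app.example-extension.test",
    source: CONTENT_WINDOW,
    data: { type: "get_page_title", tabId: 42, captureScreen: true },
  },
  fromOtherFrame: {
    origin: "https://app.example-extension.test",
    source: { name: "some-other-window" },
    data: { type: "get_page_title" },
  },
};

// Runs every sample through the hardened relay and records what was sent.
function runSamples() {
  const sent = [];
  const results = {};
  for (const [name, ev] of Object.entries(SAMPLE_EVENTS)) {
    results[name] = checkedRelay(ev, CONTENT_WINDOW, (m) => sent.push(m));
  }
  return { results, sent };
}
```

Of the four constructed samples, only the legitimate request and the allowed-type request with smuggled fields reach `send`, and the latter arrives stripped down to `{ type, text }`; the unknown message type and the message from another window are refused. The same checks belong on the background side as well, since the content script runs in the page's tab and is the weaker of the two boundaries.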
During testing, the researchers gained entry to live Gmail and Google Calendar sessions and pulled confidential data while leaving no trace.
What made the Spyder vulnerability in SiderAI alarming was its ability to mimic real user behavior – clicks, typing – all within integrated browser windows. A compromised site, using this loophole, might load Google Gemini unseen, harvest ongoing AI dialogues, then send them outward. Detection during such an event remained unlikely.
The impact of these flaws goes well beyond messages or chat tools.
Through them, attackers might grab login codes, read private correspondence, and change files, all while acting as the victim on many sites. In some cases, the broad access granted to such add-ons lets intruders reach data saved directly on a person’s device.
What stands out most is how little effort an attacker needs – just opening a harmful webpage can trigger the flaw. Because of this low barrier, threats can spread fast without clear signs.
After uncovering the problem, Rebora Security reached out to the creators of the affected tools but received no reply. With no response, the details were eventually published online, and Google was notified as well.
Should SiderAI or MaxAI appear in a user’s browser, removal is urgent. This case brings attention to rising risks tied to artificial intelligence add-ons – especially those collecting sensitive online behavior.
When apps gain deep access to personal information, careful review of their privileges becomes unavoidable. Security grows more complex as these tools spread across everyday browsing routines.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents