BotBeat
...
← Back

> ▌

N/AN/A
INDUSTRY REPORTN/A2026-04-15

WhatRuns Browser Extension Compromised by Malicious Update Exfiltrating URLs and AI Chat Data

Key Takeaways

  • ▸WhatRuns browser extension received a malicious update capable of stealing full URLs and AI chat data from users
  • ▸The compromise represents a supply chain attack affecting a tool with significant user adoption
  • ▸Browser extensions with broad data access permissions present significant security risks when compromised
Source:
Hacker Newshttps://www.youtube.com/watch?v=UYwUmaVohQk↗

Summary

A malicious update to the popular WhatRuns browser extension has been discovered, compromising user security by exfiltrating full URLs and AI chat conversations. The compromised extension, which helps users identify technologies used on websites, was distributed to an unknown number of users through what appears to be a supply chain attack. This incident highlights the vulnerability of widely-used browser extensions and the risks associated with third-party tools that collect browsing data. The extent of the breach and number of affected users remains unclear, though security researchers have documented the malicious behavior through video evidence.

  • Users should review extension permissions and consider removing potentially compromised tools until official patches are released
CybersecurityAI Safety & AlignmentPrivacy & Data

More from N/A

N/AN/A
POLICY & REGULATION

New York Becomes First U.S. State to Impose AI Data Center Ban

2026-07-15
N/AN/A
POLICY & REGULATION

China's Universities Cut 12,000 'Obsolete' Degrees Amid Race to Embrace AI Era

2026-06-16
N/AN/A
POLICY & REGULATION

Argentina Proposes 'Non-Human Corporations' Legislation to Enable AI-Owned Companies

2026-06-15

Comments

Suggested

Multiple AI ProvidersMultiple AI Providers
RESEARCH

Security Research Reveals How AI Code Reviewers Can Be Tricked Into Deploying Secret-Stealing Code

2026-07-16
Federal Bureau of InvestigationFederal Bureau of Investigation
POLICY & REGULATION

FBI Explores AI-Powered Signature Verification for Georgia Election Investigation

2026-07-16
AnthropicAnthropic
PARTNERSHIP

Claude Integrates with 1Password for Secure Password Management

2026-07-16
← Back to news
© 2026 BotBeat
AboutPrivacy PolicyTerms of ServiceContact Us