Chrome's Gemini AI Flaw Can Be Used by Hackers to Peek at the Camera and Steal Data
Jakarta - Cybersecurity researchers have discovered a serious vulnerability in the Google Chrome browser involving Gemini, Google's artificial intelligence assistant feature. The flaw allows malicious extensions to spy on users and steal sensitive data from their devices.
The vulnerability was discovered by a team of security researchers from Palo Alto Networks Unit 42 and is tracked as CVE-2026-0628. The researchers say the problem stems from the weak implementation of security policies in the WebView component used by the Gemini panel in the browser.
Under certain conditions, attackers can exploit the flaw by distributing a seemingly harmless browser extension. Once the user installs it, the extension can inject malicious scripts or code into the browser page and manipulate Gemini's operation.
Through this technique, attackers could gain access to system resources that regular browser extensions normally cannot reach.
If the exploit succeeds, the attacker can even take over Gemini's ability to perform various actions without user consent. In the worst-case scenario, hackers can access the device's camera or microphone, take screenshots, read local files, and launch phishing attacks.
Because Gemini is designed as an AI assistant that can run various tasks on behalf of the user, manipulating the feature can significantly expand the range of attacks within the browser.
Google has responded to these findings by releasing security updates in Chrome versions 143.0.7499.192 and 143.0.7499.193 for the Windows and macOS operating systems, as well as similar patches for Linux.
Google urges all Chrome users to update their browser immediately to avoid potential exploitation of the vulnerability. In many cases the browser downloads and installs updates automatically, but users are also advised to check for updates manually via Chrome's settings menu.
This case is a reminder that integrating artificial intelligence into everyday software opens up new opportunities for innovation while also creating new attack surfaces that cybersecurity must contend with.
In the modern digital ecosystem, AI is no longer just a tool for searching for information; it has become an "agent" that can act on behalf of users. When the agent is hacked, the impact can be much wider than that of a regular software bug, as if someone had suddenly obtained a master key that opens many doors in the system at once.