
A newly disclosed vulnerability in Google Chrome could allow attackers to covertly take control of Google’s Gemini AI interface and steer the browser into performing malicious actions without the user’s consent, security researchers warn.
The issue was uncovered and detailed by threat analysts at Palo Alto Networks Unit 42 in a technical advisory. According to the advisory, the flaw lies in how Chrome integrates Gemini into web pages: a crafted site can trick the browser into executing commands or redirecting users to harmful content.
Because the attack abuses legitimate features of the browser and the AI interface, attackers do not need a memory-corruption or other low-level code bug. Instead, they manipulate high-level browser behaviour to carry out unauthorized actions such as stealing session tokens, redirecting users to phishing sites, or triggering unwanted downloads.
The vulnerability, tracked as CVE-2026-0628, could enable attackers to:
- Access a victim’s camera and microphone without permission
- Take screenshots of any website the user visits
- Access local files and directories stored on the device
What makes the issue notable is its stealth: because the interactions use normal browser functions, they can evade defensive tools that key on known malware signatures or anomalous network behaviour. In practice, an unsuspecting user can visit a seemingly harmless page and have the browser hijacked to perform actions they never intended.
The flaw lies in how Chrome handles embedded AI prompts and their UI elements. A malicious page can overlay hidden controls that mimic legitimate interactions, so a click the user intends for the visible page instead approves a sensitive operation. The consent prompt that is supposed to be the trust boundary is thereby bypassed; this is the same pattern as classic clickjacking (UI redress), applied to the AI interface.
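The overlay pattern described above has a recognisable shape in the DOM: an element positioned over most of the viewport that is nearly invisible yet still receives clicks. The following is an added example, not code from the Unit 42 advisory or from Google, of a heuristic audit a defender can run from DevTools to list such elements. The thresholds, the sample elements and the helper names (`classifyOverlay`, `auditOverlays`, `collectFromDom`) are assumptions made for the example.

```javascript
// Added example (not from the Unit 42 advisory): a heuristic audit that lists
// elements floating over most of the viewport while being nearly invisible
// and still clickable, the classic shape of a UI-redress overlay.
// Thresholds are assumptions; tune them for the pages you audit.
const DEFAULT_THRESHOLDS = {
  minCoverage: 0.5, // fraction of the viewport the element must cover
  maxOpacity: 0.1,  // anything more transparent than this counts as hidden
};

// Fraction of the viewport covered by a bounding rect, clamped to [0, 1].
function viewportCoverage(rect, viewport) {
  const x0 = Math.max(rect.x, 0);
  const y0 = Math.max(rect.y, 0);
  const x1 = Math.min(rect.x + rect.width, viewport.width);
  const y1 = Math.min(rect.y + rect.height, viewport.height);
  if (x1 <= x0 || y1 <= y0) return 0;
  return ((x1 - x0) * (y1 - y0)) / (viewport.width * viewport.height);
}

// Classify one element, given as a plain object (see collectFromDom for the
// shape), so the logic can be tested without a live DOM.
function classifyOverlay(el, viewport, thresholds = DEFAULT_THRESHOLDS) {
  const floating = el.position === 'fixed' || el.position === 'absolute';
  if (!floating) return null;
  const coverage = viewportCoverage(el.rect, viewport);
  if (coverage < thresholds.minCoverage) return null;
  // Hidden *and* unclickable is merely hidden; a trap must still take input.
  const clickable = el.pointerEvents !== 'none'
    && el.visibility !== 'hidden' && el.display !== 'none';
  if (!clickable) return null;
  const opacity = Number(el.opacity);
  if (Number.isNaN(opacity) || opacity > thresholds.maxOpacity) return null;
  return {
    id: el.id || null,
    tag: el.tag,
    coverage: Number(coverage.toFixed(2)),
    zIndex: el.zIndex,
    reason: `near-invisible (opacity ${opacity}) ${el.tag} covering ` +
            `${Math.round(coverage * 100)}% of the viewport but still clickable`,
  };
}

// Audit a list of elements; largest overlays first.
function auditOverlays(elements, viewport, thresholds = DEFAULT_THRESHOLDS) {
  return elements
    .map((el) => classifyOverlay(el, viewport, thresholds))
    .filter((finding) => finding !== null)
    .sort((a, b) => b.coverage - a.coverage);
}

// Browser-only adapter: walk the live DOM and build the plain objects above.
// Paste the file into DevTools on a suspicious page and call
// auditOverlays(collectFromDom(), { width: innerWidth, height: innerHeight }).
// Under Node there is no DOM, so it returns an empty list.
function collectFromDom(doc = typeof document !== 'undefined' ? document : null,
                        win = typeof window !== 'undefined' ? window : null) {
  if (!doc || !win) return [];
  return Array.from(doc.querySelectorAll('*')).map((node) => {
    const cs = win.getComputedStyle(node);
    const r = node.getBoundingClientRect();
    return {
      tag: node.tagName.toLowerCase(), id: node.id,
      rect: { x: r.left, y: r.top, width: r.width, height: r.height },
      position: cs.position, opacity: cs.opacity, pointerEvents: cs.pointerEvents,
      visibility: cs.visibility, display: cs.display, zIndex: cs.zIndex,
    };
  });
}

// Constructed sample page (not captured from any real site): ordinary content,
// a near-invisible fixed iframe covering the whole viewport (the trap), a
// hidden but unclickable button, and a small translucent banner.
const SAMPLE_VIEWPORT = { width: 1280, height: 720 };
const SAMPLE_ELEMENTS = [
  { tag: 'div', id: 'content', rect: { x: 0, y: 0, width: 1280, height: 2400 },
    position: 'static', opacity: '1', pointerEvents: 'auto',
    visibility: 'visible', display: 'block', zIndex: 'auto' },
  { tag: 'iframe', id: 'trap', rect: { x: -10, y: -10, width: 1400, height: 800 },
    position: 'fixed', opacity: '0.01', pointerEvents: 'auto',
    visibility: 'visible', display: 'block', zIndex: '2147483647' },
  { tag: 'button', id: 'decoy', rect: { x: 0, y: 0, width: 1280, height: 720 },
    position: 'absolute', opacity: '0', pointerEvents: 'none',
    visibility: 'visible', display: 'block', zIndex: '1' },
  { tag: 'div', id: 'banner', rect: { x: 0, y: 0, width: 1280, height: 60 },
    position: 'fixed', opacity: '0.05', pointerEvents: 'auto',
    visibility: 'visible', display: 'block', zIndex: '10' },
];

// Run the audit over the constructed sample; only #trap should be reported.
function runSample() {
  return auditOverlays(SAMPLE_ELEMENTS, SAMPLE_VIEWPORT);
}

if (typeof module !== 'undefined' && require.main === module) {
  console.log(JSON.stringify(runSample(), null, 2));
}
```

The audit deliberately ignores hidden elements that cannot take input and small translucent fixed elements such as cookie banners, because both are common on legitimate pages; what it flags is the combination of large coverage, near-zero opacity and live pointer events. It is a triage aid for a page you already distrust, not a replacement for the Chrome fix.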
Unit 42’s researchers demonstrated several proof-of-concept attacks in which a malicious page redirected Chrome to attacker-controlled sites or extracted authentication tokens from the user’s session. There are no reports of widespread exploitation yet, but the potential for automated abuse, especially through compromised or malicious advertising networks, is real.
Google has been notified of the issue and is expected to address it in an upcoming Chrome update. Until a patch ships, defenders and users should consider:
- Treating unfamiliar websites and links with caution, especially pages that prompt for AI interactions or unexpectedly ask the user to approve something.
- Keeping Chrome on the latest release, since the fix and any interim mitigations will ship through the normal update channel; opening chrome://settings/help forces an update check.
- Using extensions or browser settings that block script execution and embedded content (iframes, third-party ads) on untrusted sites, which limits a page’s ability to draw overlays in the first place.