A high-severity flaw in Google Chrome allowed browser extensions to hijack powerful features of Gemini, potentially gaining access to cameras, microphones, and local files.
The vulnerability, tracked as CVE-2026-0628, affected the “Live in Chrome” Gemini side panel.
This feature runs the Gemini web app inside a privileged browser interface capable of interacting with on-screen content.
Researchers discovered that extensions using Chrome’s declarativeNetRequest API could manipulate traffic to the Gemini panel and inject malicious JavaScript code.
Because the Gemini panel operates with elevated privileges, a low-permission extension could inherit those capabilities.
That included activating cameras or microphones, browsing local files, and capturing screenshots without additional prompts.
The flaw also created opportunities for phishing by turning the trusted Gemini interface into a fake prompt designed to trick users.
Google fixed the vulnerability in a January 2026 update.
Security experts advise users to keep browsers updated, install only trusted extensions, and watch for unusual behaviour such as unexpected camera activation or unexplained screenshots.
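One way to act on the advice to install only trusted extensions, as an added example that is not from the article or from Google: a triage script that lists installed extensions whose manifests request a declarativeNetRequest permission. The sample manifests and extension IDs are constructed, and a hit only means the extension can define request rules, not that it is malicious.

```python
import json
import tempfile
from pathlib import Path

# Chrome manifest permission strings that let an extension use declarativeNetRequest.
DNR_PERMISSIONS = {"declarativeNetRequest", "declarativeNetRequestWithHostAccess",
                   "declarativeNetRequestFeedback"}

def audit_manifest(manifest):
    """Return a finding dict if the manifest requests a DNR permission, else None."""
    requested = {p for key in ("permissions", "optional_permissions")
                 for p in manifest.get(key, []) if isinstance(p, str)}
    hits = sorted(requested & DNR_PERMISSIONS)
    if not hits:
        return None
    hosts = manifest.get("host_permissions", []) + manifest.get("optional_host_permissions", [])
    rules = manifest.get("declarative_net_request", {}).get("rule_resources", [])
    return {"name": manifest.get("name", "?"), "dnr_permissions": hits,
            "host_permissions": sorted(hosts), "static_rulesets": [r.get("path") for r in rules]}

def audit_extensions_dir(root):
    """Scan <root>/<extension id>/<version>/manifest.json, Chrome's on-disk layout."""
    findings = []
    for path in sorted(Path(root).glob("*/*/manifest.json")):
        try:
            manifest = json.loads(path.read_text(encoding="utf-8"))
        except (OSError, ValueError):
            continue  # unreadable or malformed manifest: skip rather than abort the audit
        finding = audit_manifest(manifest) if isinstance(manifest, dict) else None
        if finding:
            finding["extension_id"] = path.parent.parent.name
            findings.append(finding)
    return findings

SAMPLE = {  # constructed manifests for hypothetical extensions, not real products
    "aaaaexampleid/1.0_0": {"name": "Tab Tidy", "permissions": ["tabs"]},
    "bbbbexampleid/2.1_0": {
        "name": "Header Helper", "permissions": ["declarativeNetRequest", "storage"],
        "host_permissions": ["<all_urls>"],
        "declarative_net_request": {
            "rule_resources": [{"id": "r1", "enabled": True, "path": "rules.json"}]}},
}

def run_sample_audit():
    """Write the constructed manifests to a temporary directory and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        for rel, manifest in SAMPLE.items():
            path = Path(tmp, rel, "manifest.json")
            path.parent.mkdir(parents=True)
            path.write_text(json.dumps(manifest), encoding="utf-8")
        return audit_extensions_dir(tmp)
```

To audit a real profile, pass that profile's `Extensions` folder to `audit_extensions_dir` and review each flagged extension's host permissions and rule files.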




