Chrome Gemini Vulnerability Lets Attackers Access Victims’ Camera and Microphone Remotely

A high-severity security vulnerability has been discovered in Google Chrome’s integrated Gemini AI assistant, exposing users to unauthorized camera and microphone access, local file theft, and phishing attacks, all without requiring any user interaction beyond launching the browser’s built-in AI panel.

Tracked as CVE-2026-0628, the flaw was uncovered by researchers at Palo Alto Networks’ Unit 42 and responsibly disclosed to Google on October 23, 2025. Google confirmed the issue and released a patch on January 5, 2026, prior to public disclosure.

Gemini Live in Chrome is part of a growing class of “AI browsers” that embed AI assistants directly into the browsing environment. These assistants, which also include Microsoft Copilot in Edge and standalone products like Atlas and Comet, operate as privileged side panels capable of real-time webpage summarization, task automation, and contextual browsing assistance.

Because these AI panels need a “multimodal” view of the user’s screen to function effectively, Chrome grants the Gemini panel elevated permissions, including access to the camera, microphone, local files, and screenshot capabilities. This privileged architecture, while enabling powerful features, also dramatically widens the browser’s attack surface.

The flaw resided in how Chrome handled the declarativeNetRequest API, a standard browser extension permission that allows extensions to intercept and modify HTTPS web requests and responses. This API is widely used for legitimate purposes, such as ad-blocking.

Researchers found a critical distinction in how Chrome processed requests to hxxps[:]//gemini.google[.]com/app. When that URL loads inside an ordinary browser tab, extensions can intercept and inject JavaScript into it, but this grants no special privileges.

However, when the same URL loads inside the Gemini browser panel, Chrome hooks it with elevated, browser-level capabilities.

Exploiting this inconsistency, a malicious extension using only basic permissions could inject arbitrary JavaScript code into the privileged Gemini panel, effectively hijacking a trusted browser component and inheriting all of its elevated access.
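Because the weak point described above is an extension holding a request-rewriting permission such as declarativeNetRequest, the practical defender's question is "which installed extensions hold one, and do their host permissions reach the Gemini origin?" The following is an added example, not code from the article or from Unit 42: it parses extension manifest.json files (both Manifest V2, where match patterns sit under "permissions", and Manifest V3, where they sit under "host_permissions"), flags request-rewriting permissions, and reports whether the extension's host patterns cover gemini.google.com. It also emits a Chrome ExtensionSettings enterprise policy that blocks those permissions by default. The three manifests are constructed samples; the scan_extension_dir helper and the REQUEST_REWRITE_PERMISSIONS list beyond declarativeNetRequest are my assumptions about what an auditor would want to cover.

```python
import json
import os
from typing import Dict, Iterable, List

# Extension API permissions that let an extension intercept or rewrite network
# traffic. The article names declarativeNetRequest; the others are related
# request-rewriting permissions included here as an assumption about scope.
REQUEST_REWRITE_PERMISSIONS = {
    "declarativeNetRequest",
    "declarativeNetRequestWithHostAccess",
    "declarativeNetRequestFeedback",
    "webRequest",
    "webRequestBlocking",
}

# Origin of the Gemini panel as named in the article (defanged there).
GEMINI_HOST = "gemini.google.com"


def host_pattern_covers(pattern: str, host: str) -> bool:
    """Return True if a Chrome match pattern (<scheme>://<host>/<path>) covers `host`.

    Simplified parser: handles "<all_urls>", "*://*/*", "*://*.google.com/*"
    (which covers google.com and every subdomain) and exact host names.
    """
    if pattern == "<all_urls>":
        return True
    if "://" not in pattern:
        return False  # an API permission name, not a match pattern
    _, rest = pattern.split("://", 1)
    pat_host = rest.split("/", 1)[0]
    if pat_host == "*":
        return True
    if pat_host.startswith("*."):
        bare = pat_host[2:]            # "google.com"
        return host == bare or host.endswith("." + bare)
    return pat_host == host


def audit_manifest(manifest: Dict) -> Dict:
    """Summarise one manifest: rewrite permissions held and Gemini host coverage."""
    perms = set(manifest.get("permissions", []))
    hosts: List[str] = list(manifest.get("host_permissions", []))   # MV3
    hosts += [p for p in perms if "://" in p or p == "<all_urls>"]  # MV2
    rewrite = sorted(perms & REQUEST_REWRITE_PERMISSIONS)
    return {
        "name": manifest.get("name", "<unnamed>"),
        "rewrite_permissions": rewrite,
        "covers_gemini_host": any(host_pattern_covers(h, GEMINI_HOST) for h in hosts),
        # Flag on the permission alone: the article says basic permissions sufficed.
        "flag": bool(rewrite),
    }


def audit_all(manifests: Iterable[Dict]) -> List[Dict]:
    return [audit_manifest(m) for m in manifests]


def flagged_names(manifests: Iterable[Dict]) -> List[str]:
    return [r["name"] for r in audit_all(manifests) if r["flag"]]


def scan_extension_dir(root: str) -> List[Dict]:
    """Walk a Chrome profile's Extensions directory and audit every manifest.json.
    Assumed helper for live use; the stand-alone run below uses constructed data."""
    found = []
    for dirpath, _, files in os.walk(root):
        if "manifest.json" in files:
            with open(os.path.join(dirpath, "manifest.json"), encoding="utf-8") as fh:
                found.append(audit_manifest(json.load(fh)))
    return found


def build_extension_settings_policy(blocked: Iterable[str] = REQUEST_REWRITE_PERMISSIONS) -> str:
    """Emit a Chrome ExtensionSettings policy that refuses the listed API
    permissions for every extension matched by the "*" default entry."""
    policy = {"*": {"blocked_permissions": sorted(blocked)}}
    return json.dumps(policy, indent=2)


# Constructed sample manifests (not real extensions).
SAMPLE_MANIFESTS = [
    {"name": "Ad filter (constructed)", "manifest_version": 3,
     "permissions": ["declarativeNetRequest", "storage"],
     "host_permissions": ["<all_urls>"]},
    {"name": "Tab notes (constructed)", "manifest_version": 3,
     "permissions": ["storage", "tabs"]},
    {"name": "Legacy rewriter (constructed)", "manifest_version": 2,
     "permissions": ["webRequest", "webRequestBlocking", "*://*.google.com/*"]},
]

if __name__ == "__main__":
    for row in audit_all(SAMPLE_MANIFESTS):
        print(row)
    print(build_extension_settings_policy())
```

Blocking declarativeNetRequest wholesale also disables legitimate ad-blockers, so in practice the "*" default entry would be paired with per-extension-ID entries that allow-list approved tools; the policy is a containment measure, and the actual fix remains updating Chrome to the patched build.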

Enables Access to Camera and Microphone

Once an attacker gained control of the Gemini panel via this technique, they could perform the following actions without any user interaction beyond the victim clicking the Gemini button:

| Attack capability | Impact |
| --- | --- |
| Camera and microphone activation | Silent surveillance without user consent |
| Screenshot capture | Exfiltration of sensitive on-screen data |
| Local file and directory access | Theft of OS-level files |
| Phishing via trusted panel | High-credibility deception attacks |

The phishing risk is particularly dangerous because the Gemini panel is a trusted, browser-integrated component. Malicious content displayed within it carries an inherent legitimacy that standalone phishing pages lack.

Extension-based attacks have historically been considered lower-risk due to the prerequisites involved in getting a malicious extension installed. However, the integration of privileged AI panels fundamentally changes this calculus.

The number of malicious extensions deployed to browser web stores has grown significantly in recent years. Many are removed quickly, but not before reaching thousands of users.

Additionally, legitimate extensions have been hijacked or sold to threat actors who pushed malicious updates to already-installed endpoints, turning trusted tools into silent weapons.

Within enterprise environments, a compromised extension gaining access to workers’ cameras, microphones, and local files represents a serious organizational security risk, with potential for corporate espionage and data exfiltration.

Google issued a fix on January 5, 2026, following responsible disclosure. Users running the latest version of Chrome are protected. Organizations should ensure Chrome is updated across all endpoints immediately.


The post Chrome Gemini Vulnerability Lets Attackers Access Victims’ Camera and Microphone Remotely appeared first on Cyber Security News.
