Chrome's Gemini AI Panel Exploited as Privilege Escalation Vector by Malicious Extensions

Security researchers have identified a high-severity vulnerability in Google Chrome that enabled malicious browser extensions to hijack the browser's embedded Gemini Live AI panel. This flaw allowed rogue add-ons to inherit elevated system privileges they were never authorized to possess. The exploit effectively transformed the AI feature into a conduit for privilege escalation, bypassing standard security sandboxing. The vulnerability resided in the interaction model between the Gemini panel and the broader Chrome extension ecosystem, creating an unintended bridge for malicious code. This discovery highlights a significant risk in the integration of advanced AI features into core browser infrastructure, where new attack surfaces can emerge. The flaw has since been addressed by Google following responsible disclosure. The incident underscores the ongoing challenge of securing complex, feature-rich platforms against novel exploitation techniques that leverage newly introduced capabilities.