Unit 42 — Chrome Gemini Live panel hijack vulnerability enables camera/mic access

AI relevance: Browser-integrated AI assistants like Chrome's Gemini Live panel represent a new attack surface where malicious extensions can hijack privileged AI capabilities to access sensitive system resources, demonstrating how AI agent infrastructure expands traditional browser security boundaries.

  • Palo Alto Networks Unit 42 researchers discovered CVE-2026-0628, a high-severity vulnerability in Chrome's Gemini Live panel.
  • The vulnerability allows malicious extensions with basic permissions to hijack the privileged AI assistant component.
  • Attackers could access camera and microphone without consent, take screenshots of any website, and access local files.
  • The flaw abuses Chrome's declarativeNetRequest API, which lets extensions rewrite network requests without script-level permissions, to inject JavaScript into the Gemini panel component.
  • Unlike ordinary website tabs, the Gemini panel runs with elevated browser privileges for AI functionality, so script injected into it inherits those privileges.
  • The only user interaction required is a click on the Gemini button in Chrome's title bar; the panel does not prompt for consent before the injected code reaches the camera, microphone, screenshots, or local files.
  • Google fixed the vulnerability in early January 2026 after responsible disclosure in October 2025.
  • This represents a new class of AI browser security risks where agentic capabilities create privileged attack surfaces.
  • Enterprise organizations face increased risk from malicious extensions gaining access to worker cameras and files.

Why it matters

As browsers integrate AI assistants that run with elevated privileges, the extension security model stops holding: it assumes an extension's reach is bounded by its declared permissions and by the privileges of ordinary web content, but an extension that can tamper with what the privileged panel loads inherits the panel's access instead. Malicious actors can use these new privileged components to bypass browser security boundaries and reach sensitive system resources that would normally be protected. This demonstrates how AI agent infrastructure creates novel attack surfaces that require security paradigms beyond traditional web security.

What to do

  • Update Chrome immediately — Ensure you're running a Chrome version that includes Google's January 2026 security fixes for CVE-2026-0628
  • Review browser extensions — Audit installed extensions and remove any unnecessary or suspicious ones, paying particular attention to extensions that hold declarativeNetRequest or broad host permissions
  • Implement enterprise browser security — Use solutions like Prisma Browser that monitor extension behavior
  • Monitor for anomalous extension activity — Watch for extensions requesting unexpected permissions or behaviors
  • Educate users — Train employees to only install extensions from trusted sources and review permissions
  • Consider browser isolation — For high-security environments, evaluate browser isolation technologies

Sources