Secure Annex has revealed a bombshell cybersecurity scandal. Its investigation found that popular go-to browser extensions such as Similarweb and Stayfocusd are complicit in prompt poaching. In addition to opening the floodgates on personal data, this shocking practice undermines the privacy of almost 900 million active users on these platforms. Security researchers discovered the issue while looking into shady data collection operations, and as they dug further they noticed malicious browser add-ons masquerading as real extensions.
Secure Annex’s investigation has determined that Similarweb, with over 1 million users, has been breached. Stayfocusd, with over 600,000 users, is another of the affected extensions. These malicious add-ons have been identified as “Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI” and “AI Sidebar with Deepseek, ChatGPT, Claude, and more.” The latter has attracted around 300,000 users.
Things got especially scary with Similarweb’s repeated updates. In May 2025 the extension added user conversation tracking technology. Then an update on January 1, 2026, included a new terms of service pop-up that explicitly stated that data entered into AI tools would be collected.
The Mechanisms of Data Collection
Privacy advocates have pointed out the technical means Similarweb uses to collect sensitive user data. The extension uses DOM scraping to pull user conversation data, and it goes beyond the DOM by hijacking native browser APIs such as fetch and XMLHttpRequest. It pulls down a centralized, remote configuration file that contains custom parsing logic specifically tailored to models like ChatGPT, Anthropic Claude, Google Gemini and Perplexity.
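The hooking of fetch and XMLHttpRequest described above leaves a trace that a page or a security team can check for. The following is an added example, not code from Secure Annex or from any extension named in this article: it audits whether those APIs in the current realm still point at the browser’s native implementations, using a constructed stand-in window so it also runs under Node. The assumed caveat is that this is a heuristic; it sees hooks injected into the page’s main world, not code confined to an extension’s isolated world, and a hook that also patches Function.prototype.toString could hide from it.

```javascript
// Native functions stringify to "function name() { [native code] }".
const NATIVE_RE = /\{\s*\[native code\]\s*\}\s*$/;

// Dotted paths of the APIs to check. XMLHttpRequest is typically hooked via its
// prototype methods, so those are listed alongside the constructor itself.
const WATCHED_APIS = [
  "fetch",
  "XMLHttpRequest",
  "XMLHttpRequest.prototype.open",
  "XMLHttpRequest.prototype.send",
];

function resolvePath(root, path) {
  return path.split(".").reduce((obj, key) => (obj == null ? undefined : obj[key]), root);
}

function isNativeFunction(fn) {
  if (typeof fn !== "function") return false;
  // Use the real Function.prototype.toString so a hook that overrides
  // fn.toString to lie about itself is bypassed.
  return NATIVE_RE.test(Function.prototype.toString.call(fn));
}

// Audit a global object (window / globalThis, or a constructed stand-in) and
// return one record per watched API: "native", "hooked", or "absent".
function auditGlobals(root, paths = WATCHED_APIS) {
  return paths.map((path) => {
    const value = resolvePath(root, path);
    const status = value === undefined ? "absent" : isNativeFunction(value) ? "native" : "hooked";
    return { api: path, status };
  });
}

// Names of the watched APIs that are present but no longer native.
function hookedApis(root, paths = WATCHED_APIS) {
  return auditGlobals(root, paths).filter((r) => r.status === "hooked").map((r) => r.api);
}

// Constructed stand-in for a window whose fetch has been wrapped by third-party
// code. In a browser the real window.fetch is borrowed; under Node, which has no
// native fetch, any native function (Math.max) stands in for it.
function buildStandInWindow(wrapFetch) {
  const realFetch = typeof window !== "undefined" ? window.fetch : Math.max;
  const win = { fetch: realFetch };
  if (wrapFetch) {
    win.fetch = function fetch(...args) { return realFetch.apply(this, args); };
  }
  return win;
}

console.log(auditGlobals(buildStandInWindow(true))); // fetch reported as "hooked"
```

In a real page, call auditGlobals(window) early, before any third-party script runs, and compare later results against that baseline (a fresh same-origin iframe’s contentWindow gives an untouched reference copy of the APIs).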
The reality of such practices is alarming and indicative of a profound disregard for the rules that govern user privacy and security. Users who install this type of malicious add-on will likely suffer serious impacts, including theft of sensitive information and browsing history.
“It is clear prompt poaching has arrived to capture your most sensitive conversations and browser extensions are the exploit vector.” – John Tuckner
Secure Annex has pointed out that the legitimate extension purportedly used for these purposes, named “Chat with all AI models (Gemini, Claude, DeepSeek…) & AI Agents,” is operated by AITOPIA and has gained a user base of about 1 million. Yet, as this example illustrates, distinguishing between legitimate and malicious tools is becoming more difficult in a digital landscape that continues to grow in complexity and obscurity.
Implications for Users and Developers
A new wave of malicious browser extensions has raised serious questions about their adherence to policies set forth by companies like Google. These tools directly subvert the integrity of online safety mechanisms. John Tuckner noted, “It is not clear if this violates Google’s policies that extensions should be built for a single purpose and not load code dynamically.” This vagueness undermines accountability and public oversight for the developers building these extensions.
The incident is an unfortunate reminder of a growing pattern. Today, cybercriminals are putting platforms such as Lovable, an AI-powered web development service, to work, hosting their privacy policies and infrastructure components on the platform. This tactic blurs the line between legitimate tools and bad actors who want to monetize and weaponize user data even further.
As users scroll through the thousands of extensions available to them, it is only fair to place responsibility on the user to stay alert. Many add-ons that seem harmless carry a huge risk, and these tools cannot be allowed to serve an agenda that undermines the security of your personal data.
Call for Enhanced Security Measures
Given this new reality, cybersecurity experts are calling on users and developers to double down on security practices. Users should carefully consider the permissions a browser extension requests before installing it. Moreover, developers need to maintain a commitment to transparency and follow privacy laws diligently to build trust with their users.
These recent discoveries underline how urgent it is for all users to take the initiative in protecting their digital communications. As the nature of cyber threats continues to change, the tactics used to fight them need to change as well.