Browser Extensions: A Hidden Threat to Organizational Security

According to a report by LayerX, browser extensions are installed on almost every employee's browser but are rarely monitored by security teams or controlled by IT departments. This makes nearly every employee a potential security vulnerability.

• Most extensions access sensitive data:

  • 99% of organizational users have at least one browser extension installed; 53% have more than ten.

  • 53% use extensions with high or sensitive access levels, including cookies, passwords, browsing history, and other data.

  • Over 20% of users have installed Generative AI (GenAI) extensions, which are twice as likely as others to access sensitive data and bypass organizational access controls.

  • 58% of GenAI extensions have high or sensitive permissions—twice the average of other extensions.

• Developer credibility is questionable:

  • 54% of extension developers use free email accounts like Gmail.

  • 79% have published only one extension.

  • 22% of extensions are less than six months old, making credibility assessment difficult.

• Outdated extensions are a growing threat:

  • 51% haven’t been updated in over a year, making them vulnerable to exploits.

  • 25% haven’t been updated in over a year and are by developers using free Gmail accounts—indicating possible abandonment.

• Unofficial and side-loaded extensions increase risk:

  • 17% come from unofficial sources.

  • 26% are side-loaded via external processes, bypassing official store checks.

Orr Shad, CEO of LayerX Security, warns that browser extensions have become a major overlooked threat in organizational environments due to their widespread use, high access levels, lack of oversight, and often unknown publishers.

Conclusion: Organizations must implement stricter extension management policies to safeguard sensitive data and reduce risk.