Your AI sidekick might be a spy.

Your AI sidekick might be a spy.

From Research Saturday by N2K Networks

March 14, 2026 · 23 min · Season 10 · Episode 416

About this episode

The episode discusses a campaign of malicious browser extensions designed to steal ChatGPT accounts, featuring insights from Or Eshed of LayerX Security.

This week, we are joined by Or Eshed, Co-Founder and CEO from LayerX Security, discussing their work on "How We Discovered A Campaign of 16 Malicious Extensions Built to Steal ChatGPT Accounts." Researchers uncovered a coordinated campaign of 16 malicious browser extensions posing as ChatGPT productivity tools while secretly stealing user accounts. The extensions intercept ChatGPT session authentication tokens and send them to attacker-controlled servers, allowing threat actors to impersonate users and access their conversations, files, and connected services like Google Drive or Slack. The findings highlight how AI-focused browser extensions are creating a new attack surface, emphasizing the need for organizations to closely monitor and restrict third-party AI tools. The research can be found here: ⁠⁠⁠How We Discovered A Campaign of 16 Malicious Extensions Built to Steal ChatGPT Accounts Learn more about your ad choices. Visit megaphone.fm/adchoices

People in this episode

Guest: Or Eshed

Topics covered

  • AI security
  • malicious extensions
  • cybersecurity
  • ChatGPT
  • browser security
  • threat actors

Keywords

  • malicious extensions
  • ChatGPT accounts
  • AI tools
  • cybersecurity
  • LayerX Security
  • Or Eshed
  • browser security

Mentioned in this episode

Organizations: LayerX Security, Google Drive, Slack

Products: ChatGPT

More episodes of Research Saturday

Explore listener stats, chart rankings, contacts and more on the Research Saturday podcast page.