Let us handle IT so you can focus on growing your business.
Empower your IT team with scalable co-managed support.
Get multichannel 24/7/365 expert end-user support.
Protect, detect, and respond—Dataprise keeps your business secure.
Maximize uptime with with industry-leading DRaaS.
Swiftly mitigate cyber threats and restore security.
Improve efficiency, productivity and outcomes with cloud.
Ensure all mobile devices, everywhere, are secure.
Gain a competitive edge with strategic IT solutions.
This battle-tested checklist enables your team to swiftly initiate a ransomware response.
IT for businesses of all sizes, in any industry.
Empower institution growth with custom IT solutions.
Ensure your firm is always in compliance.
Improve patient care and staff morale.
Deal with pressing legal matters, not IT.
Keep up with the evolving digital landscape.
Focus on your mission by outsourcing IT.
Keep production running with secure, always-on IT.
Accelerate PE client deals and secure data.
Empower Your Municipality with Secure, Reliable IT Services
Execute initiatives and develop IT strategies.
Get the latest industry insights and trends.
Join us at events in person and online.
Hear from clients and learn more about strategic IT.
See how Dataprise can make IT your greatest asset.
Get informative technical resources from IT experts.
Stay on stop of emerging cybersecurity threats.
Discover the key areas of DR your organization needs to address to ensure downtime is minimized.
Gain a strategic asset by bringing harmony to IT.
Ensure 24/7 support and security with dedicated teams.
Drive business forward by partnering with Dataprise.
Meet our one-of-a-kind leadership team.
Discover the recognition Dataprise has earned.
Help us help businesses with strategic IT.
Grow through acquisition and partnership with Dataprise.
Embracing different perspectives and backgrounds.
Find a Dataprise location near you.
Dataprise is committed to empowering more women to consider a career in technology.
Explore our trusted partnerships with leading tech innovators.
Defense Digests
Table of content
Two Chrome extensions posing as AI productivity helpers were found exfiltrating users’ sensitive ChatGPT and DeepSeek conversations to attacker-controlled servers. The extensions abused browser permissions to capture complete chatbot histories, browsing data, internal corporate URLs, and authentication tokens, putting both personal and company data at risk. This recent threat demonstrates two of the latest attacker trends of creating imposter AI tools through an often unprotected vector of browser extensions.
Security researchers uncovered the two malicious Chrome Web Store extensions with a combined install count exceeding 900,000 users. The extensions were masquerading as legitimate AI productivity tools with names including “Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI” (over 600,000 installs) and “AI Sidebar with DeepSeek, ChatGPT, Claude and more” (over 300,000 installs).
Once installed, the extensions will prompt users to grant “anonymous, non-identifiable analytics data” permissions. After consent, the victim’s private chat history and data relating to open tabs, browser history, and active sessions are stored locally before being sent to the attacker’s command and control infrastructure.
Chat GPT for Chrome with GPT-5, Claude Sonnet & DeepSeek AI
AI Sidebar with Deepseek, ChatGPT, Claude, and more
Command & Control (C2) Domains
Contributing Author: Sam McGovern | Associate vCISO
INSIGHTS
Subscribe to get real-time notifications when a new Dataprise Defense Digest is published.