Google Chrome Gemini AI Vulnerability Exposes Users to Surveillance and Data Theft

The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.

A high-severity vulnerability in Google Chrome's Gemini AI assistant allowed malicious browser extensions to exploit the AI panel's elevated privileges, enabling unauthorized access to users' cameras, microphones, local files, and sensitive data. Discovered by Palo Alto Networks' Unit 42, the flaw was patched by Google in January 2026.[AI generated]

Why's our monitor labelling this an incident or hazard?

The event involves an AI system explicitly mentioned as the Gemini agentic AI feature in Google Chrome. The vulnerability allowed malicious extensions to exploit the AI system's permissions and perform unauthorized actions, directly leading to harms such as spying on users, stealing data, and phishing. These harms fall under injury to privacy and security of persons, which is a violation of rights and harm to individuals. Since the vulnerability was actively exploitable and caused realized harm, this qualifies as an AI Incident. The article also discusses broader security implications and mitigation efforts, but the primary focus is on the realized harm from the vulnerability exploitation.[AI generated]
AI principles
Privacy & data governance; Robustness & digital security

Industries
Digital security

Affected stakeholders
Consumers

Harm types
Human or fundamental rights

Severity
AI incident

AI system task
Interaction support/chatbots

Articles about this incident or hazard

This high-severity Chrome Gemini vulnerability lets malicious extensions spy on your PC

2026-03-02
ZDNet
Google Chrome Patch Signals Need for Constant AI Browser Vigilance | PYMNTS.com

2026-03-02
PYMNTS.com
Why's our monitor labelling this an incident or hazard?
The article explicitly mentions an AI system (Google's Gemini AI assistant integrated into Chrome) and a security vulnerability that could have allowed malicious extensions to escalate privileges and access sensitive user data and device functions. Although the vulnerability was fixed before exploitation, the potential for harm was credible and directly linked to the AI system's design and use. Since no actual harm occurred but a plausible risk was present, this fits the definition of an AI Hazard rather than an AI Incident. The article also discusses broader concerns about AI browser security, reinforcing the potential for future incidents if such vulnerabilities are not managed.
Bug in Google's Gemini AI Panel Opens Door to Hijacking

2026-03-02
Dark Reading
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (Google's Gemini AI integrated into Chrome) whose malfunction (security flaw) could lead to serious harms such as privacy violations and unauthorized system access. The researchers demonstrated how malicious extensions could exploit the AI panel to hijack privileges, which directly relates to harm (privacy breach and system compromise). The vulnerability was active before being patched, indicating realized risk rather than just potential. Hence, it meets the criteria for an AI Incident due to direct harm linked to the AI system's use and malfunction.
Chrome Gemini Vulnerability Lets Attackers Access Victims' Camera and Microphone Remotely

2026-03-02
Cyber Security News
Why's our monitor labelling this an incident or hazard?
The Gemini AI assistant is an AI system integrated into Chrome, providing multimodal AI capabilities with elevated permissions. The vulnerability exploited the AI system's privileged architecture, enabling attackers to hijack the AI panel and gain unauthorized access to sensitive hardware and data. This directly caused harms such as privacy violations, unauthorized surveillance, and data theft, which fall under injury or harm to persons and harm to property or communities. Since the harm is realized and directly linked to the AI system's malfunction and use, this qualifies as an AI Incident.