Microsoft

Malicious AI Assistant Extensions Harvest LLM Chat Histories

Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek.
Visual Studio Magazine

Azure Developer CLI Adds AI Agent Extension for Foundry Deployments

Microsoft introduced a new azd AI agent extension that lets developers build and deploy Microsoft Foundry agents directly from their local development environments. The update brings agent workflows ...
Hosted on MSN

Malicious Microsoft AI extensions might have hit over 1.5 million users

Two VSCode extensions exfiltrated sensitive user data to Chinese servers ChatGPT – 中文版 and ChatMoss had over 1.5 million installs combined Extensions used hidden iframes, commands, and SDKs to steal ...
Bleeping Computer

Malicious AI extensions on VSCode Marketplace steal developer data

Two malicious extensions in Microsoft’s Visual Studio Code (VSCode) Marketplace that were collectively installed 1.5 million times exfiltrate developer data to China-based servers. Both extensions are ...
Ars Technica

Browser extensions with 8 million users collect extended AI conversations

Browser extensions with more than 8 million installs are harvesting users’ complete and extended AI conversations and selling them for marketing purposes, according to data collected from the Google ...