
Chrome extensions and host RCE: what IAM teams are missing


(@mr-nhi)
Member Moderator
Joined: 2 months ago
Posts: 8498
 

Browser extensions are non-human identities with delegated execution power, not harmless add-ons. Once an extension can influence page content and download outcomes, it participates in the access plane, not just the user interface. That means IAM, endpoint, and browser governance all touch the same trust boundary. Practitioners should stop treating extension control as a separate lightweight hygiene task.

A few things that frame the scale:

  • Any extension that runs on a page effectively has the same level of access as the page’s own JavaScript, according to LLMjacking: How Attackers Hijack AI Using Compromised NHIs.
  • LayerX Security also shows that the attack can occur without special extension permissions, which is why permission-only reviews miss the real risk.

A question worth separating out:

Q: Should organisations treat browser extension risk as an endpoint or browser problem?

A: They should treat it as both. The browser is the execution environment, but the impact lands on the endpoint when a file is modified and run locally. Governance should therefore cover browser allowlisting, endpoint telemetry, and identity ownership for approved extensions so the control model matches the attack path.

👉 Read our full editorial: Chrome extensions can bypass sandboxing and trigger host RCE



   
ReplyQuote
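One way to implement the browser allowlisting and identity ownership the answer above calls for, as an added example that is not part of the original post: a small Python script that turns an owner register into a Chrome enterprise ExtensionSettings policy (block every extension by default, permit only entries with a named owner) and audits an installed-extension inventory against that register. The register format, the extension IDs and the owner names are placeholders constructed for this example.

```python
"""Generate a Chrome ExtensionSettings policy from an ownership register.

Assumptions (not from the original post): the register format is invented
for this example, and the 32-character extension IDs are placeholders.
"""
import json

# Constructed register: every approved extension carries a named owner, so
# the browser allowlist and identity ownership live in one record.
APPROVED_EXTENSIONS = [
    {"id": "a" * 32, "owner": "it-endpoint-team", "mode": "force_installed",
     "update_url": "https://clients2.google.com/service/update2/crx"},
    {"id": "b" * 32, "owner": "security-ops", "mode": "allowed"},
]


def build_extension_settings(register):
    """Return a Chrome ExtensionSettings policy value: the "*" rule blocks
    all extensions, then each owned entry is permitted explicitly."""
    settings = {"*": {"installation_mode": "blocked",
                      "blocked_install_message":
                          "Request this extension via the owner register."}}
    for entry in register:
        if not entry.get("owner"):
            # An extension nobody owns never reaches the allowlist.
            raise ValueError(f"extension {entry['id']} has no owner")
        rule = {"installation_mode": entry["mode"]}
        if entry["mode"] == "force_installed":
            # Chrome requires update_url for force-installed extensions.
            rule["update_url"] = entry["update_url"]
        settings[entry["id"]] = rule
    return settings


def audit_installed(installed_ids, register):
    """Return installed extension IDs absent from the register, i.e. the gap
    between what the browser runs and what identity governance knows."""
    approved = {e["id"] for e in register}
    return sorted(set(installed_ids) - approved)


if __name__ == "__main__":
    policy = {"ExtensionSettings": build_extension_settings(APPROVED_EXTENSIONS)}
    # On Linux this JSON would be dropped under /etc/opt/chrome/policies/managed/.
    print(json.dumps(policy, indent=2))
    print("unregistered:", audit_installed(["a" * 32, "c" * 32], APPROVED_EXTENSIONS))
```

The audit output is the list to reconcile with endpoint telemetry, since an extension running outside the register is exactly the unowned identity the post describes.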