Browser extensions are increasing the attack surface, putting employees and businesses at risk

  • LayerX says enterprises are using tens of extensions daily
  • Many are built by anonymous individuals
  • Some have extensive permissions, putting sensitive data at risk

Browser extensions are increasing the attack surface, putting employees and businesses at risk. This is according to the 2025 Enterprise Browser Extension Security Report, a new paper published by LayerX, a cybersecurity company specializing in securing web browsing for enterprises.

The document was drafted by combining data from public extension marketplaces and real-world enterprise usage telemetry, LayerX said.

The improvements extensions bring to everyday browsing are undeniable, LayerX said, describing them as “ubiquitous”. Virtually all enterprises (99%) have at least one installed, and more than half of analyzed organizations (52%) are running more than ten extensions.

Extensions add risk

Extensions are pieces of software that add features or functionality to web browsers. They can do anything from blocking ads and managing passwords to enhancing productivity. They can be built by both companies and independent (and anonymous!) developers, and can be found in browser-specific stores like the Chrome Web Store or Firefox Add-ons site.

However, the researchers also claim they are dangerous, since 53% of installed extensions in enterprise environments have ‘high’ or ‘critical’ risk permissions, allowing access to sensitive data. Also, more than 20% of enterprise employees are now using GenAI extensions, more than half (58%) of which also have ‘high’ or ‘critical’ permissions.

Trouble is further compounded by the fact that the identity of the extension’s developer is, in many cases, unknown. More than half (54%) of extensions are published anonymously, and 79% of publishers have only released one extension, “making trust assessment extremely challenging”. Finally, 51% of extensions haven’t received an update in more than a year, while 26% are sideloaded, bypassing security vetting.

To mitigate the threat, enterprises should audit all browser extensions, categorize them to understand their risk profiles, and enumerate and analyze their permissions “meticulously,” LayerX suggested. They should also perform comprehensive risk assessments and enforce adaptive, risk-based security policies.
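
As an added illustration of the "enumerate and analyze their permissions" step (not code from LayerX or the report), the sketch below reads extension `manifest.json` data and ranks extensions by the permissions they request. The tier sets are assumptions made for this example, since the article does not give LayerX's scoring, and the sample manifests are constructed.

```python
import json

# Assumed tiers for illustration; LayerX's own scoring is not given in the article.
CRITICAL = {"debugger", "nativeMessaging", "proxy"}
HIGH = {"cookies", "webRequest", "history", "tabs", "scripting",
        "clipboardRead", "downloads", "management"}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
ORDER = ["low", "high", "critical"]


def classify(manifest: dict) -> dict:
    """Return the risk tier and the permissions that drove it."""
    api = set(manifest.get("permissions", []))
    hosts = set(manifest.get("host_permissions", []))
    # Content-script "matches" and Manifest V2 host patterns also grant page access.
    for cs in manifest.get("content_scripts", []):
        hosts.update(cs.get("matches", []))
    hosts |= {p for p in api if "://" in p or p == "<all_urls>"}
    api -= hosts

    broad = sorted(hosts & BROAD_HOSTS)
    critical = sorted(api & CRITICAL)
    high = sorted(api & HIGH)

    tier = "low"
    if high or broad:
        tier = "high"
    # Assumption: a sensitive API combined with all-site access is critical.
    if critical or (high and broad):
        tier = "critical"
    return {"name": manifest.get("name", "?"), "tier": tier,
            "reasons": critical + high + broad}


def audit(manifests: list) -> list:
    """Classify every manifest and sort the riskiest first."""
    return sorted((classify(m) for m in manifests),
                  key=lambda r: ORDER.index(r["tier"]), reverse=True)


# Constructed sample manifests (not real extensions)
SAMPLES = [json.loads(s) for s in (
    '{"name": "Dark Theme", "manifest_version": 3, "permissions": ["storage"]}',
    '{"name": "AI Helper", "manifest_version": 3, "permissions": ["cookies", "scripting"], "host_permissions": ["<all_urls>"]}',
    '{"name": "Tab Sorter", "manifest_version": 2, "permissions": ["tabs", "https://example.com/*"]}',
)]

if __name__ == "__main__":
    for r in audit(SAMPLES):
        print(f'{r["tier"]:8} {r["name"]:12} {", ".join(r["reasons"])}')
```

In practice the manifests would be collected from each browser profile's extensions directory or from an endpoint management inventory, and the tier sets tuned to the organization's own policy.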

Via BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
