New Report Finds Most Browser Extensions Pose a Risk to Enterprise Data
Browser extensions have become an integral part of employees’ daily workflows—ranging from spell checkers to AI productivity tools. However, a new report from LayerX highlights a growing blind spot in enterprise security: the vast majority of these extensions come with excessive permissions that could expose sensitive organizational data.
Released today, the Enterprise Browser Extension Security Report 2025 is the first of its kind to combine public extension marketplace data with real-world enterprise telemetry. The findings uncover what is arguably one of the most overlooked threat vectors in enterprise environments: the browser extension.
As organizations plan their security strategies for the second half of 2025, the report offers timely insights into the risks associated with extensions—focusing on permissions, publisher credibility, GenAI tool usage, and more. Here are some of the most important takeaways:
Key Findings from the 2025 Enterprise Browser Extension Security Report
1. Browser extensions are everywhere.
A staggering 99% of employees use browser extensions, and 52% have more than 10 installed.
Security Implication: Almost every employee is exposed to some level of browser extension risk.
2. Over half can access sensitive enterprise data.
53% of extensions used in enterprise environments hold permissions that let them read cookies, stored credentials, page content, browsing history, and other sensitive information.
Security Implication: Such an extension runs inside the user's authenticated browser session, so a single malicious or compromised extension on one employee's machine can expose session cookies and page content for every application that employee is logged in to, putting the entire organization at risk.
3. Extension publisher identities are unclear.
54% of extensions are published by developers identified only by a Gmail address, and 79% of publishers have released just one extension.
Security Implication: Vetting publisher trustworthiness is extremely difficult for IT teams.
4. GenAI extensions introduce new risks.
More than 20% of users have at least one GenAI browser extension installed, and 58% of those have high-risk permission scopes.
Security Implication: Without strict policies, GenAI tools could open new data exposure pathways.
5. Many extensions are outdated or sideloaded.
51% of browser extensions haven't received an update in over a year, and 26% are sideloaded, meaning they were installed outside the official extension store (for example as an unpacked extension in developer mode) and never went through the store's review process.
Security Implication: Even non-malicious extensions can become vulnerable over time if left unmaintained.
5 Security Recommendations
To help mitigate the risks posed by browser extensions, LayerX provides five actionable steps for IT and security leaders:
- Audit all browser extensions
Start with a comprehensive audit to identify all extensions in use across the organization. This inventory is the foundation of extension security.
- Categorize extensions by type and risk
Focus on high-risk categories such as GenAI or widely used productivity tools. Categorization helps prioritize security reviews.
- Enumerate permissions
Detail which data each extension can access to understand potential attack surfaces and inform access controls.
- Conduct risk assessments
Assign a risk score to each extension based on permissions, publisher reputation, popularity, and installation method.
- Apply adaptive, risk-based enforcement
Tailor enforcement strategies to align with organizational risk profiles, using the data gathered to enforce appropriate security policies.
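The "enumerate permissions" and "conduct risk assessments" steps above, together with findings 2 and 5 (data-access permissions, stale and sideloaded extensions), can be demonstrated with a small audit script. The following is an added example, not LayerX's tooling or methodology: it parses Chrome/Chromium extension manifests, collects API permissions and host-match patterns (MV3 `host_permissions`, MV2-style URL patterns inside `permissions`, and `content_scripts` matches), and produces an explainable score. The permission names and match patterns are real Chrome manifest values; which ones count as "high-risk", the point weights, the rating thresholds, the webmail-domain list, and the three sample extensions and their IDs are all constructed assumptions for illustration.

```python
"""Extension permission audit: enumerate what each browser extension can reach
and assign a simple, explainable risk score.

Added example. The scoring weights and the set of "high-risk" permissions are
this example's assumptions, not LayerX's methodology.
"""
import json
from dataclasses import dataclass
from datetime import date

# Real Chrome extension API permission names; treating them as high-risk is
# this example's choice. Each grants access to cookies, traffic, page content,
# history, the clipboard, or native processes.
HIGH_RISK_PERMISSIONS = {
    "cookies", "webRequest", "webRequestBlocking", "debugger", "nativeMessaging",
    "history", "tabs", "scripting", "clipboardRead", "proxy", "management",
    "browsingData", "downloads",
}
# Match patterns that grant access to every site the user visits.
BROAD_HOST_PATTERNS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# Consumer webmail domains: a publisher using one has no organizational identity to vet.
GENERIC_MAIL_DOMAINS = {"gmail.com", "outlook.com", "yahoo.com", "hotmail.com"}
STALE_AFTER_DAYS = 365
AUDIT_DATE = date(2025, 7, 1)  # assumed "today" for the sample run


@dataclass
class ExtensionRecord:
    ext_id: str
    manifest: dict          # parsed manifest.json
    publisher_email: str
    last_updated: date
    sideloaded: bool        # installed outside the store / enterprise policy


@dataclass
class Assessment:
    ext_id: str
    name: str
    score: int
    rating: str
    findings: list


def host_patterns(manifest: dict) -> list:
    """Collect every host-match pattern the extension declares: MV3
    host_permissions, MV2 URL patterns inside permissions, content_scripts matches."""
    patterns = list(manifest.get("host_permissions", []))
    patterns += [p for p in manifest.get("permissions", []) if "://" in p or p == "<all_urls>"]
    for cs in manifest.get("content_scripts", []):
        patterns += cs.get("matches", [])
    return patterns


def assess(ext: ExtensionRecord, today: date) -> Assessment:
    """Score one extension on permissions, host scope, staleness, install method, publisher."""
    score, findings = 0, []
    perms = set(ext.manifest.get("permissions", []))
    for p in sorted(perms & HIGH_RISK_PERMISSIONS):
        score += 2
        findings.append(f"high-risk permission: {p}")
    if any(p in BROAD_HOST_PATTERNS for p in host_patterns(ext.manifest)):
        score += 3
        findings.append("can read/modify pages on every site")
    if (today - ext.last_updated).days > STALE_AFTER_DAYS:
        score += 1
        findings.append(f"no update since {ext.last_updated.isoformat()}")
    if ext.sideloaded:
        score += 2
        findings.append("sideloaded (bypassed store vetting)")
    if ext.publisher_email.rsplit("@", 1)[-1].lower() in GENERIC_MAIL_DOMAINS:
        score += 1
        findings.append("publisher identified only by a webmail address")
    rating = "high" if score >= 6 else "medium" if score >= 3 else "low"
    return Assessment(ext.ext_id, ext.manifest.get("name", "?"), score, rating, findings)


def audit(records, today: date) -> list:
    """Score every record and return the assessments, riskiest first."""
    return sorted((assess(r, today) for r in records), key=lambda a: a.score, reverse=True)


# Constructed sample manifests and inventory records (not real extensions).
SAMPLE_MANIFESTS = {
    "spell-helper": """{"name": "Spell Helper", "manifest_version": 3,
        "permissions": ["storage"], "host_permissions": []}""",
    "ai-writer": """{"name": "AI Writer Assist", "manifest_version": 3,
        "permissions": ["tabs", "scripting", "clipboardRead", "storage"],
        "host_permissions": ["<all_urls>"],
        "content_scripts": [{"matches": ["<all_urls>"], "js": ["inject.js"]}]}""",
    "proxy-switcher": """{"name": "Legacy Proxy Switcher", "manifest_version": 2,
        "permissions": ["proxy", "webRequest", "webRequestBlocking", "http://*/*", "https://*/*"]}""",
}
SAMPLE_RECORDS = [
    ExtensionRecord("spell-helper", json.loads(SAMPLE_MANIFESTS["spell-helper"]),
                    "release@example-vendor.com", date(2025, 5, 20), False),
    ExtensionRecord("ai-writer", json.loads(SAMPLE_MANIFESTS["ai-writer"]),
                    "someone@gmail.com", date(2024, 1, 10), False),
    ExtensionRecord("proxy-switcher", json.loads(SAMPLE_MANIFESTS["proxy-switcher"]),
                    "tools@example-vendor.com", date(2023, 5, 2), True),
]

if __name__ == "__main__":
    for a in audit(SAMPLE_RECORDS, AUDIT_DATE):
        print(f"{a.rating:6} {a.score:3}  {a.name} ({a.ext_id})")
        for f in a.findings:
            print("          -", f)
```

In practice the manifests come from each profile's extension directory (on Chrome, `Extensions/<id>/<version>/manifest.json`) or from the browser's management telemetry, and the publisher, update date and install source come from the store listing and your enrollment records; the script only replaces those inputs with constructed values. Note that the MV2 proxy switcher scores highest even though it is not a GenAI tool: broad host access plus `webRequest` and sideloading matter more than the category label, which is why the report's "enumerate permissions" step comes before enforcement.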
As browser extensions continue to expand in capability and popularity, so too does their potential for misuse—accidental or intentional. This report underscores the urgent need for enterprises to shift from passive oversight to active governance when it comes to browser extension security.