AI Sidebar Spoofing Attack: SquareX Uncovers Malicious Extensions that Impersonate AI Browser Sidebars

**Executive summary:** SquareX disclosed research on an "AI Sidebar Spoofing" attack in which malicious browser extensions create pixel-perfect replicas of AI sidebars (used by AI-first and consumer browsers) to return believable but malicious instructions, enabling credential theft, device takeover, and remote ransomware deployment; the technique requires only common extension permissions and can operate across multiple browsers, making it broadly impactful.