An investigation has uncovered malicious Chromium-based browser extensions masquerading as legitimate AI assistant tools to collect Large Language Model (LLM) chat histories and browsing data. These extensions have been installed approximately 900,000 times, affecting over 20,000 enterprise tenants. The malicious extensions collect full URLs and AI chat content from platforms like ChatGPT and DeepSeek, potentially exposing organizations to leaks of confidential information. The attack chain involves reconnaissance, weaponization, delivery through trusted app stores, exploitation of user trust, installation for persistence, and regular data exfiltration to attacker-controlled infrastructure. This activity transforms a seemingly benign productivity tool into a persistent data collection mechanism embedded in daily enterprise browser usage.