Firefox AI Chatbot feature exposed users to email theft risk

A vulnerability in Firefox's AI chatbot integration could allow malicious websites to inject hidden instructions into AI prompts and extract data from connected services such as email accounts. Mozilla has implemented mitigations, though researchers say the underlying security issue extends beyond Firefox.

TL;DR: A vulnerability in Firefox’s AI chatbot integration could allow malicious websites to inject hidden instructions into AI prompts and extract data from connected services such as email accounts. Mozilla has implemented mitigations, though the researchers who discovered the problem say the underlying security issue extends beyond Firefox. MORE DETAILS: The flaw was discovered in October 2025 by Florian Port of German cybersecurity firm ERNW and publicly disclosed on June 16, 2026. It affected Firefox’s AI-powered summarization, explanation, and proofreading features, which can send webpage content to third-party chatbots integrated into the browser’s sidebar.