In a revolutionary new twist, Google Chrome has decided it’s not just your mom who goes through your drawers anymore. Thanks to a now-patched flaw, extensions can do it too, rummaging for juicy secrets with the efficiency of a nosy relative during the holidays.

The vulnerability, dubbed CVE-2026-0628 (because why not give it a number that sounds like a cyborg assassin), allows extensions to climb the proverbial privilege ladder. Chrome, in its infinite wisdom, had this hole in the WebView tag just chilling out like a forgotten Christmas cookie, inviting cyber Grinches to partake.

Google patched this security blunder faster than you can say, “Wait, where did my privacy go?” in January 2026, after realizing that maybe, just maybe, allowing extensions to play ‘God Mode’ on your system wasn’t the best UX feature.

While Google is busy putting out digital fires, users around the world continue to underestimate cyber threats with the same fervor that keeps forwarding chain emails alive. Here’s hoping the next vulnerability isn’t akin to a digital diary confessional.