A large portion of browser extensions can access sensitive enterprise data, a new report found


We know that browser extensions are embedded in the daily workflows of almost every user, from spell checkers to GenAI tools. What most IT and security people don't know is that the excessive permissions granted to browser extensions are a growing risk for organizations.

LayerX today announced the release of the Enterprise Browser Extension Security Report 2025. It is the first and only report that combines public extension marketplace statistics with actual enterprise usage telemetry. In doing so, it sheds light on one of the most underrated threat surfaces in modern cybersecurity: browser extensions.

The report reveals several findings that IT and security leaders will find useful when building their plans for H2 2025. These include information and analysis on how many extensions have risky permissions and whether extension developers are trusted. Below are some important statistics from the report.

Highlights of the Enterprise Browser Extension Security Report 2025

1. Browser extensions are ubiquitous in enterprise environments. Almost all employees have a browser extension installed. 52% have installed over 10 extensions.

Security Analysis: Almost every employee is exposed to browser extension risk.

2. Most extensions have access to important data. 53% of enterprise users’ extensions have access to sensitive data such as cookies, passwords, web page content, browsing information and more.

Security Analysis: Employee-level compromises can put an entire organization at risk.

3. Who publishes these extensions? Who knows? Over half (54%) of extension publishers are unknown and are identified only by a Gmail account. 79% of publishers have published only one extension.

Security Analysis: Tracking the reputation of an extension is difficult, if it is possible at all, with IT resources.

4. GenAI extensions are a growing threat. Over 20% of users have at least one GenAI extension, and 58% of these have a high-risk permission scope.

Security Analysis: Companies need to define clear policies regarding the use of GenAI extensions and data sharing.

5. Unmaintained and unknown browser extensions are a growing concern. 51% of extensions have not been updated for more than a year, and 26% of enterprise extensions are sideloaded, bypassing even basic store review.

Security Analysis: Extensions can be vulnerable even when they are not intentionally malicious.

Five Security and IT Recommendations

Not only does this report bring data, it also provides actionable guidance for security and IT teams, and recommends ways to address the threats of browser extensions.

Here’s what LayerX advises your organization:

  • Audit all extensions – A full picture of the extensions in use is the foundation for understanding the threat surface. So the first step in protecting against malicious browser extensions is to audit all extensions that employees use.
  • Classify extensions – Certain types of extensions are more attractive targets for attack. This could be due to a wide user base (such as GenAI extensions) or the privileges granted to such extensions. Classifying extensions helps you assess your browser extension security posture.
  • Enumerate extension permissions – The next step is to list the information each extension can access. This helps you further map the attack surface and configure policies later.
  • Assess extension risk – It’s time to manage risk. This means assessing the risk of each extension based on its permissions and the information it has access to. The overall risk assessment also includes external parameters such as reputation, popularity, publisher, and installation method. Together, these parameters should be combined into a unified risk score.
  • Apply adaptive risk-based enforcement – Finally, organizations can use this analysis to apply adaptive, risk-based enforcement policies tailored to their usage, needs and risk profiles.
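
The enumerate-and-assess steps above can be sketched for Chrome-style extensions as follows. This is an added example, not LayerX's scoring method or code from the report: the function names, weights, thresholds and sample manifest are assumptions chosen for illustration.

```python
import json

# Assumed weights (illustrative, not taken from the report).
SENSITIVE_APIS = {"cookies": 3, "webRequest": 3, "scripting": 3, "debugger": 4,
                  "history": 2, "tabs": 2, "clipboardRead": 2}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}

def permission_score(manifest):
    """Return (score, reasons) for the permissions a manifest.json requests."""
    requested = list(manifest.get("permissions", []))
    requested += manifest.get("host_permissions", [])  # Manifest V3 host patterns
    for script in manifest.get("content_scripts", []):
        requested += script.get("matches", [])          # pages it injects into
    score, reasons = 0, []
    for perm in dict.fromkeys(requested):                # de-duplicate, keep order
        if perm in BROAD_HOSTS:
            score += 4
            reasons.append(f"{perm}: access to page content on every site")
        elif perm in SENSITIVE_APIS:
            score += SENSITIVE_APIS[perm]
            reasons.append(f"{perm}: sensitive browser API")
    return score, reasons

def assess(manifest, sideloaded, days_since_update, publisher_verified):
    """Combine permissions with external parameters into one risk score."""
    score, reasons = permission_score(manifest)
    if sideloaded:
        score += 3
        reasons.append("sideloaded: bypassed store review")
    if days_since_update > 365:
        score += 2
        reasons.append("not updated for more than a year")
    if not publisher_verified:
        score += 1
        reasons.append("publisher identity unverified")
    level = "high" if score >= 10 else "medium" if score >= 5 else "low"
    return {"name": manifest.get("name", "?"), "score": score,
            "level": level, "reasons": reasons}

# Constructed sample manifest, not a real extension.
SAMPLE = json.loads("""{
  "manifest_version": 3, "name": "Example AI Writer",
  "permissions": ["cookies", "storage", "tabs"],
  "host_permissions": ["<all_urls>"],
  "content_scripts": [{"matches": ["<all_urls>"], "js": ["content.js"]}]
}""")

if __name__ == "__main__":
    print(json.dumps(assess(SAMPLE, True, 400, False), indent=2))
```

The resulting level can then drive the enforcement step, for example by blocking "high" extensions and sending "medium" ones for review.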

Access the report

Browser extensions are not just productivity tools; they are attack vectors that most organizations do not know exist. LayerX’s 2025 report provides comprehensive findings and data-driven analysis to help CISOs and security teams reduce this risk and build a defensible browser environment.

Download the full report.
