According to Windows Report, a malicious VPN extension called Urban VPN Proxy, with a 4.7-star rating from 58.5K reviews and over six million users, was secretly stealing full conversations from AI platforms like ChatGPT, Google Gemini, and Claude. The extension, which was even featured by Google, injected a script starting with version 5.5.0 released on July 9, 2025, to intercept all network traffic. It captured everything users typed and received from at least eight major AI services, compressing the data and sending it to servers run by its affiliated data broker company, BiScience. The harvesting ran continuously, even when the VPN was off, and impacted more than eight million users globally. Any AI conversations conducted since July 9th through the extension should be considered compromised and sold for marketing analytics.
The real trust problem
Here’s the thing that gets me: this wasn’t some shady, unknown plugin. It had a near-perfect rating and was featured by Google itself in the Chrome Web Store. That “featured” badge is basically a giant trust signal from the platform, and it completely failed here. So what are you supposed to rely on? User reviews can be gamed. Platform endorsements can be wrong. This incident shows the entire vetting system for browser extensions is fundamentally broken when something this egregious flies under the radar for months.
Why this is a different breach
This isn’t just another data leak. Think about what people put into AI chats. We’re talking about unpublished business ideas, confidential code, personal journaling, sensitive project plans—the raw, unguarded thought process you’d never put in an email. A stolen password is one thing; a stolen conversation is a window into your creative and professional mind. And the extension didn’t just scrape metadata. It took the full conversation, both your prompts and the AI’s responses. That’s a treasure trove for profiling, and it was all being sold off to who-knows-who for “marketing analytics.”
What to do and what comes next
If you have Urban VPN, or any of the other extensions named, such as BearVPN or AnonymX, remove them right now. Audit your other extensions ruthlessly—if you don’t absolutely need it, ditch it. But the bigger implication is for the AI industry itself. Platforms like OpenAI and Google have been focused on securing their own servers, but this proves the vulnerability is often on the user’s end, in the browser. I wouldn’t be surprised if we start seeing AI apps developing their own lightweight, in-app security features or even warning users when suspicious browser activity is detected. The arms race for data is moving to the endpoint.
And look, this also makes a case for being careful about what tools you integrate into your workflow. For professionals in fields like manufacturing or logistics who might use AI to optimize processes or generate reports, the integrity of your operational data is everything. Basically, this VPN fiasco is a wake-up call: your browser is now a critical security perimeter. Start treating it that way.
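One way to start the extension audit recommended above is to check which installed extensions are allowed to run on AI chat pages at all. The sketch below is an added example, not code from Windows Report or from any extension. It assumes the hostnames in AI_HOSTS for the services the article names, and it assumes Chrome's on-disk layout of Extensions/<id>/<version>/manifest.json. The sample manifests are constructed.

```python
import json
from pathlib import Path

# Assumed hostnames for the AI services the article names; extend as needed.
AI_HOSTS = ["chatgpt.com", "gemini.google.com", "claude.ai"]

def pattern_covers(pattern, host):
    """True if a Chrome match pattern can apply to pages on `host`."""
    if not isinstance(pattern, str):
        return False
    if pattern == "<all_urls>":
        return True
    scheme, sep, rest = pattern.partition("://")
    if not sep or scheme not in ("*", "http", "https"):
        return False  # plain API permission such as "storage", or file:// etc.
    pat_host = rest.split("/", 1)[0]
    if pat_host == "*":
        return True
    if pat_host.startswith("*."):
        return host == pat_host[2:] or host.endswith(pat_host[1:])
    return pat_host == host

def audit_manifest(manifest):
    """List (kind, pattern, hosts) for every grant that reaches an AI host."""
    grants = [("host access", p) for p in manifest.get("host_permissions", [])]
    # Manifest V2 kept host patterns inside "permissions".
    grants += [("host access", p) for p in manifest.get("permissions", [])]
    for script in manifest.get("content_scripts", []):
        grants += [("content script", p) for p in script.get("matches", [])]
    findings = []
    for kind, pattern in grants:
        hosts = [h for h in AI_HOSTS if pattern_covers(pattern, h)]
        if hosts:
            findings.append((kind, pattern, hosts))
    return findings

def scan_extensions(extensions_dir):
    """Audit each <id>/<version>/manifest.json under a Chrome Extensions folder."""
    report = {}
    for path in Path(extensions_dir).glob("*/*/manifest.json"):
        manifest = json.loads(path.read_text(encoding="utf-8-sig"))
        findings = audit_manifest(manifest)
        if findings:
            report[path.parent.parent.name] = findings
    return report

# Constructed sample manifests (not taken from any real extension).
BROAD = {"name": "sample-vpn", "host_permissions": ["<all_urls>"],
         "content_scripts": [{"matches": ["*://*.google.com/*"], "js": ["inject.js"]}]}
NARROW = {"name": "sample-notes", "permissions": ["storage"],
          "host_permissions": ["https://example.com/*"]}
```

A finding means the extension is permitted to read those pages, not that it does anything with them; treat the report as the shortlist for the "do I absolutely need it" question.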
