Browser extension security was analyzed in a recent report by Spin.AI. The report reveals nearly 51% of browser extensions pose a high risk to data stored in Google Workspace and Microsoft 365, and 44% pose a medium risk. 

Of over 300,000 extensions and third-party OAuth applications analyzed, 42,938 extensions have unknown authors and are registered to a personal email account. These anonymous extensions, combined with the sheer volume of extensions being used by organizations, create an expanding threat landscape.

The report categorizes extensions into high, medium and low-risk tiers based on operational, security, privacy and compliance factors. Among the key findings, developer tool extensions pose the highest risk at 56%. Productivity extensions, which are the most installed type of extension, don't escape scrutiny, with more than 53% classified as high risk.

Read the full report here