AI Systems Under Fire: Gemini Chrome Exploit, Copilot DLP Gaps & NIS2 Cloud Attack Surge
A critical Gemini AI vulnerability in Chrome exposes EU AI Act gaps, Microsoft Copilot's upcoming DLP changes raise GDPR red flags, Google Cloud attack patterns shift toward software exploitation with NIS2 implications, and Russian state-sponsored messaging hijacks demand immediate incident reporting under European frameworks.
π΄ CVE-2026-0628: Gemini AI Chrome Vulnerability & EU AI Act Implications
β οΈ HIGH SEVERITY β CVSS 8.8
CVE-2026-0628 β Elevation of privilege vulnerability in Google's Gemini AI integration within Chrome. Malicious browser extensions can exploit the flaw to gain elevated access to AI-processed data and system resources.
This vulnerability strikes at the heart of a growing regulatory concern: AI systems embedded in consumer products are becoming attack vectors. Under the EU AI Act, which entered its enforcement phase in February 2025, AI system providers bear explicit responsibility for security throughout the product lifecycle.
Regulatory Framework Impact
| Regulation | Requirement | Impact of CVE-2026-0628 |
|---|---|---|
| EU AI Act (Art. 15) | AI systems must achieve appropriate levels of accuracy, robustness, and cybersecurity | Elevation of privilege via AI component directly violates robustness requirements |
| EU AI Act (Art. 9) | Risk management system must address foreseeable misuse | Extension-based exploitation is a foreseeable attack vector for browser-embedded AI |
| NIS2 (Art. 21) | Supply chain security and vulnerability handling | Organizations using Chrome with Gemini must patch within mandated timeframes |
π‘οΈ Compliance Action Required
Organizations deploying Chrome with Gemini AI features in regulated environments should:
- Apply Google's security update immediately β delay may constitute a NIS2 compliance gap
- Audit all browser extensions against an approved whitelist
- Document this vulnerability in your EU AI Act risk management records
- Assess whether AI-processed data includes personal data triggering GDPR obligations
βοΈ Google Cloud Attack Shift: Software Flaws Overtake Credentials as Top Vector
New research reveals a fundamental shift in how attackers compromise Google Cloud environments: software vulnerability exploitation has overtaken weak credentials as the primary initial access vector. This development has significant implications for NIS2-mandated vulnerability management programs.
For years, cloud security focused on identity and access management β strong passwords, MFA, least privilege. While these remain essential, the attack surface has shifted. Threat actors are now primarily targeting unpatched software components, misconfigured APIs, and vulnerable third-party integrations within cloud workloads.
NIS2 Vulnerability Management Obligations
Under NIS2 Article 21, essential and important entities must implement "vulnerability handling and disclosure" as a core cybersecurity risk management measure. This cloud attack trend makes the requirement more critical than ever:
- Continuous vulnerability scanning β NIS2 requires proactive identification, not just reactive patching
- Risk-based prioritization β CVSS scores alone are insufficient; exploit availability and asset criticality must factor in
- Patch management timelines β Critical vulnerabilities in internet-facing cloud services demand rapid remediation
- Third-party component tracking β SBOMs (Software Bills of Materials) are becoming a de facto NIS2 compliance tool
β οΈ DORA Consideration for Financial Entities
Financial institutions running workloads on Google Cloud must align this threat shift with their DORA ICT risk management framework. DORA Article 7 mandates that ICT risk management includes identification of "all sources of ICT risk" β a shift in attack patterns qualifies as a material change requiring framework updates.
π€ Microsoft Copilot DLP Changes: GDPR Data Protection Under Pressure
Microsoft has announced upcoming changes to Data Loss Prevention (DLP) controls for Copilot, scheduled for April 2026. The changes will alter how Copilot interacts with files labeled as confidential or restricted β and compliance officers should take notice now.
The core concern: AI assistants with broad file access can inadvertently surface, summarize, or transmit personal data in ways that undermine existing DLP policies. If Copilot can read a confidential HR document and include its contents in a meeting summary, the data processing may exceed the original legal basis under GDPR.
Key GDPR Implications
- Purpose limitation (Art. 5(1)(b)): Data collected for one purpose may be processed by Copilot for incompatible purposes
- Data minimization (Art. 5(1)(c)): AI assistants inherently process more data than necessary for specific tasks
- Lawful basis (Art. 6): Automated AI processing of employee or customer data may require reassessment of legal grounds
- DPIA obligation (Art. 35): Large-scale AI processing of sensitive data likely triggers mandatory Data Protection Impact Assessments
π Pre-April Compliance Checklist
- Review current Microsoft 365 sensitivity labels and Copilot access scopes
- Conduct or update DPIA for Copilot deployment
- Verify that Copilot's data processing is covered in your GDPR Records of Processing Activities
- Brief your DPO on the upcoming DLP changes and potential exposure
- Consider restricting Copilot access to files with "Confidential" or higher sensitivity labels until new controls are validated
π΅οΈ Russian State-Sponsored Signal & WhatsApp Hijacking: NIS2 Incident Reporting Triggered
The Dutch government's AIVD intelligence service has issued a formal warning about Russian state-sponsored actors hijacking Signal and WhatsApp accounts of government officials and critical infrastructure personnel. The campaign uses device-linking features to silently mirror encrypted conversations.
This is not merely an intelligence concern β it has direct regulatory consequences under multiple European frameworks.
Regulatory Reporting Obligations
| Framework | Reporting Requirement | Timeline |
|---|---|---|
| NIS2 (Art. 23) | Significant incidents affecting essential/important entities must be reported to national CSIRT | Early warning within 24 hours; full notification within 72 hours |
| GDPR (Art. 33) | Personal data breach notification to supervisory authority | Without undue delay, within 72 hours |
| DORA (Art. 19) | Major ICT-related incidents in financial entities | Initial notification within 4 hours of classification |
β οΈ Critical for Government & Critical Infrastructure
If your organization is classified as an essential or important entity under NIS2, any confirmed or suspected compromise of employee messaging accounts constitutes a reportable incident. The state-sponsored nature elevates severity classification.
Immediate Actions
- Audit all linked devices on Signal and WhatsApp for organizational accounts
- Implement mobile device management (MDM) policies restricting device-linking
- Include messaging platform compromise in your NIS2 incident response playbooks
- Train personnel to recognize social engineering tactics used to initiate device linking
π£ Microsoft Teams Phishing & Fake AI Extensions: Supply Chain Security Under DORA and EU AI Act
Two concurrent threats highlight the expanding attack surface of collaboration tools and AI-branded software:
Microsoft Teams phishing campaigns are deploying the A0Backdoor malware, primarily targeting financial services and healthcare organizations β sectors directly regulated by DORA and NIS2 respectively.
Fake AI browser extensions masquerading as legitimate AI tools are stealing credentials, browsing data, and session tokens. These extensions exploit consumer trust in AI branding to distribute malware through official browser extension stores.
Regulatory Intersection
- DORA (Art. 9 β Protection and prevention): Financial entities must implement mechanisms to "promptly detect anomalous activities" β Teams-based malware delivery must be addressed in ICT security policies
- EU AI Act (Art. 5 β Prohibited practices): While not directly prohibited, fake AI tools that mislead users into installing malware may fall under deceptive AI practice concerns
- EU AI Act supply chain: Organizations integrating third-party AI tools must verify their provenance β a fake extension posing as an AI assistant represents a supply chain compromise
- NIS2 (Art. 21 β Supply chain security): Browser extensions used in enterprise environments are part of the digital supply chain and must be assessed for risk
π Supply Chain Verification Steps
- Maintain a whitelist of approved browser extensions and AI tools
- Block unauthorized extension installations via group policy or MDM
- Implement email and Teams message filtering for known phishing indicators
- Require vendor security assessments for any AI tool integrated into workflows
Stay Ahead of Regulatory Requirements with KENSAI
KENSAI automates compliance monitoring across NIS2, DORA, GDPR, and the EU AI Act β mapping real-time threats to your regulatory obligations. AI-powered risk assessment, automated gap analysis, and audit-ready reporting.
Request a Compliance Demoπ― Actionable Takeaways for Compliance Officers
- Patch CVE-2026-0628 immediately β Update Chrome and audit browser extensions; document in EU AI Act risk management records
- Reassess cloud vulnerability management β The shift to software-flaw exploitation means NIS2 vulnerability handling programs must evolve beyond credential-focused controls
- Prepare for Copilot DLP changes β Conduct or update DPIAs before April; review sensitivity labels and AI access scopes under GDPR
- Update incident response for messaging hijacks β State-sponsored Signal/WhatsApp compromise is a NIS2-reportable incident; ensure 24-hour early warning capability
- Harden collaboration tool supply chains β Teams phishing and fake AI extensions require DORA-compliant detection mechanisms and EU AI Act supply chain verification
Stay compliant, stay secure,
The KENSAI Regulatory Intelligence Team
Weekly regulations & compliance analysis powered by AI threat intelligence. Published every Monday at 06:00 CET.