A security warning is a nasty surprise, especially if the add-on in question claims that it exists to protect your privacy. Researchers at Koi Security say Urban VPN Proxy, a VPN extension for Google Chrome and Microsoft Edge, has started logging users’ AI assistant conversations and sending them to a data broker.
Urban VPN Proxy looked legit, with a 4.7-star rating, the Google logo, and more than six million installs on Chrome. Another 1.3 million people have it installed on Edge. However, Koi says the extension’s behavior changed after a silent update on July 9, 2025, when the publisher shipped version 5.5.0.
From that point on, Koi claims the extension intercepted both user input and assistant responses across eight platforms: ChatGPT, Claude, Gemini, Microsoft Copilot, Perplexity, DeepSeek, Grok (xAI), and Meta AI.
According to the report, the captured prompts and responses were packaged and sent to Urban Cybersecurity’s parent company, BiScience (BI Science (2009) Ltd), which Koi describes as a data broker that collects browsing history and device IDs on a large scale. Koi also claims to have found the same harvesting code in seven other expansions from the same publisher. If you are still worried about your privacy, check out the best VPN services now.
The consent line that changes everything
Koi refers to Urban VPN Proxy’s setup consent screen, which refers to the processing of “ChatAI communications,” as well as a privacy policy that describes the sharing of data for marketing analytics purposes.
Still, the practical reality is harsh. Extensions can auto-update on Chrome and Edge, so people who have an older version installed may have been silently updated to Chat Collection. Koi also says the store listing portrayed the tool as protecting users from entering personal information into AI chatbots, which contradicts the claim that it captured chats regardless of whether protections were enabled or not.
What you should do now
If you have used Urban VPN Proxy, assume that AI chats may have been exposed since July 9, 2025. Remove it in Chrome at chrome://extensions or in Edge at edge://extensions and then consider clearing cookies and cached website data. If you have shared sensitive information, a password reset is an appropriate precaution.
According to Google, the featured badge signals best practices and a high standard of user experience and design. However, this shows that the label is not a guarantee. The easiest next step is also the most boring: check your extensions, delete anything you don’t trust, and keep the most personal things out of chat boxes.
