Nearly 1 million browsers have been turned into website scraping bots through 245 browser extensions that override security protections, according to researcher John Tuckner. These extensions, which serve various functions, incorporate the MellowTel-js library to monetize their use by scraping websites for paying clients, including AI startups, while raising concerns about user privacy and security.

FreeVPN.One, initially a trusted VPN, has been caught secretly capturing users' screens and sensitive information without consent through a series of updates that expanded its permissions and functionality. Despite claiming to protect user privacy, the extension employs deceptive practices to surveil users, raising serious concerns about security in browser marketplaces. The article highlights the risks associated with malicious extensions and the need for better oversight in software security.