Subscribe

AI in the browser may be a hacker’s new favourite target: Here's how

A report from SquareX reveals that Browser AI Agents are now a significant cybersecurity vulnerability, surpassing human employees. These agents lack the intuition to detect threats, making them susceptible to attacks, and traditional security measures struggle to identify compromised AI behavior.

Livemint
Updated1 Jul 2025, 10:08 PM IST
Advertisement
A fundamental shift in enterprise cybersecurity is underway, with the emergence of Browser AI Agents as a new and potentially more dangerous vulnerability than human users, according to a new report from cybersecurity firm SquareX.
A fundamental shift in enterprise cybersecurity is underway, with the emergence of Browser AI Agents as a new and potentially more dangerous vulnerability than human users, according to a new report from cybersecurity firm SquareX.

A fundamental shift in enterprise cybersecurity is underway, with the emergence of Browser AI Agents as a new and potentially more dangerous vulnerability than human users, according to a new report from cybersecurity firm SquareX, (via Techradar).

Advertisement

According to the publication, once hailed for their potential to boost productivity by handling repetitive online tasks, these AI-driven browser agents are now being flagged as major security blind spots. SquareX’s research claims these automated tools are more susceptible to cyberattacks than human employees, challenging the long-standing assumption that human error is the weakest link in organisational security, the report added.

You may be interested in

14% OFF

Browser AI in 30 Minutes: Rust + WebAssembly Crash Course

  • Browser AI in 30 Minutes: Rust + WebAssembly Crash Course

₹2627

₹3043

Get This

AI Language Hacks: Smart Learning Revolution (Japanese Edition)

  • AI Language Hacks: Smart Learning Revolution (Japanese Edition)

₹142

Get This

34% OFF

Quick Heal | Total Security | 2 Users | 3 Years | AI Based Device Security for Windows PC | Banking and Browsing Protection | Dark Web Monitoring and Parental Control (Email Delivery in 1 Hour- No CD)

  • Quick Heal | Total Security | 2 Users | 3 Years | AI Based Device Security for Windows PC | Banking and Browsing Protection | Dark Web Monitoring and Parental Control (Email Delivery in 1 Hour- No CD)

₹2799

₹4249

Get This

Skimming the Surface, a Digital Sea, Diving into the Deep, Dark secrets to see.: A Dive into Privacy Tools and AI: A Historical, Analytical, and Futuristic ... to Cybersecurity in the Era of AI Book 12)

  • Skimming the Surface
  • a Digital Sea
  • Diving into the Deep

₹449

Get This

Webbrowser Tool

  • Webbrowser Tool

Get This

Scrollin

  • Scrollin

Get This

Tips on advanced Python front-end technology - Dramatically improve execution speed on the browser when combined with WebAssembly - (Japanese Edition)

  • Tips on advanced Python front-end technology - Dramatically improve execution speed on the browser when combined with WebAssembly - (Japanese Edition)

₹259

Get This

Online Gaming in India: Technology, Policy and Challenges

  • Online Gaming in India: Technology
  • Policy and Challenges

₹7455

Get This

Ai Short Video Starter Guide: A short video revolution that begins with narration images (Japanese Edition)

  • Ai Short Video Starter Guide: A short video revolution that begins with narration images (Japanese Edition)

₹415

Get This

37% OFF

Quick Heal Antivirus Pro Latest Version - 2 PCs, 1 Year | AI Based Device Security for Laptop | Email and Browsing Protection (Email Delivery in 1 Hour- No CD)

  • Quick Heal Antivirus Pro Latest Version - 2 PCs
  • 1 Year | AI Based Device Security for Laptop | Email and Browsing Protection (Email Delivery in 1 Hour- No CD)

₹669

₹1069

Get This

“Browser AI Agents have now overtaken employees as the primary vulnerability within enterprises,” said Vivek Ramachandran, CEO of SquareX. “They can flawlessly carry out tasks, but completely lack the intuition to detect threats.”

Unlike staff who regularly receive cybersecurity training and are increasingly aware of phishing scams, suspicious links, and unfamiliar interfaces, these AI agents operate without any security instincts, the report noted. Driven solely by tasks, they fail to assess risk or question the authenticity of the websites and applications they interact with.

Advertisement

In a demonstration using the open-source Browser Use framework, SquareX instructed an agent to sign up for a file-sharing service. Instead, the agent unwittingly granted access to a malicious application linked to a suspicious domain, something a trained employee would likely have flagged. In another example, an agent was duped into entering login credentials on a phishing site during what appeared to be a routine Salesforce login.

Also Read | WhatsApp scam alert! Amul warns against fake ₹5,000 vouchers with ‘Amul Girl’

“These tools function with the same access rights as the user they represent,” the researchers explained. “That makes it incredibly difficult for traditional security solutions to distinguish between legitimate activity and compromised AI behaviour.”

Reportedly, this parity in access privileges means that, once compromised, a browser agent can give hackers unrestricted access to enterprise systems, all without triggering standard security alerts. SquareX warns that even leading cybersecurity platforms, from Endpoint Protection to Zero Trust Network Access (ZTNA) systems, are ill-equipped to deal with this emerging threat.

Advertisement

The company urges enterprises to adopt browser-native security solutions, such as Browser Detection and Response (BDR), which can help identify suspicious agent activity in real-time. Until major browsers integrate native safeguards for AI-driven automation, oversight mechanisms must be developed independently.

“There is an urgent need not just for smarter AI agents, but for smarter oversight,” the report concludes.

 
Catch all the Technology News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.
Business NewsTechnologyNewsAI in the browser may be a hacker’s new favourite target: Here's how
Read Next Story