{"id":36185,"date":"2025-12-11T09:02:17","date_gmt":"2025-12-11T09:02:17","guid":{"rendered":"https:\/\/metaverseplanet.net\/blog\/?p=36185"},"modified":"2026-01-05T08:00:34","modified_gmt":"2026-01-05T08:00:34","slug":"frightening-warning-about-ai-powered-browsers","status":"publish","type":"post","link":"https:\/\/metaverseplanet.net\/blog\/frightening-warning-about-ai-powered-browsers\/","title":{"rendered":"Frightening Warning About AI-Powered Browsers: Either Don&#8217;t Use Them or Take Precautions"},"content":{"rendered":"\n<p>Analysts state that next-generation <strong>&#8220;agentic browsers&#8221;<\/strong> increase the risk of <strong>data leakage<\/strong> and <strong>credential theft<\/strong> due to their <strong>autonomous action capabilities<\/strong>. Sensitive company information sent to the <strong>artificial intelligence<\/strong> behind these browsers creates a major danger. Leading market analysis firms like <strong>Gartner<\/strong> have issued a significant warning that these new-generation AI-powered browsers, referred to as <strong>&#8220;agentic browsers,&#8221;<\/strong> are too risky for most organizations to use.<\/p>\n\n\n\n<p>In a report published last week titled &#8220;Cybersecurity Should Block AI Browsers for Now,&#8221; the firm notes that default <strong><em><a href=\"https:\/\/metaverseplanet.net\/blog\/opera-adds-googles-gemini-ai-tool-to-its-browser\/\" data-type=\"post\" data-id=\"17286\">AI browser<\/a><\/em> settings<\/strong> prioritize <strong>user experience<\/strong> rather than <strong>security<\/strong>.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Defining the Risks of Agentic Browsers<\/strong><\/h2>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"940\" height=\"529\" src=\"https:\/\/metaverseplanet.net\/blog\/wp-content\/uploads\/2025\/12\/Frightening-Warning-About-AI-Powered-Browsers.webp\" alt=\"\" class=\"wp-image-36188\" srcset=\"https:\/\/metaverseplanet.net\/blog\/wp-content\/uploads\/2025\/12\/Frightening-Warning-About-AI-Powered-Browsers.webp 940w, https:\/\/metaverseplanet.net\/blog\/wp-content\/uploads\/2025\/12\/Frightening-Warning-About-AI-Powered-Browsers-300x169.webp 300w, https:\/\/metaverseplanet.net\/blog\/wp-content\/uploads\/2025\/12\/Frightening-Warning-About-AI-Powered-Browsers-768x432.webp 768w, https:\/\/metaverseplanet.net\/blog\/wp-content\/uploads\/2025\/12\/Frightening-Warning-About-AI-Powered-Browsers-390x220.webp 390w, https:\/\/metaverseplanet.net\/blog\/wp-content\/uploads\/2025\/12\/Frightening-Warning-About-AI-Powered-Browsers-150x84.webp 150w\" sizes=\"(max-width: 940px) 100vw, 940px\" \/><\/figure>\n\n\n\n<p>When defining these <strong>AI browsers<\/strong>, analysts include tools possessing:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>An <strong>AI Side Panel<\/strong> that offers users the ability to <strong>summarize<\/strong> or <strong>translate<\/strong> web content using <strong>AI services<\/strong> provided by the browser developer.<\/li>\n\n\n\n<li><strong>Agentic Action Capabilities<\/strong> that allow the browser to navigate websites <strong>autonomously<\/strong> and complete tasks, particularly within <strong>authenticated web sessions<\/strong>.<\/li>\n<\/ul>\n\n\n\n<p><strong>Gartner&#8217;s<\/strong> document warns that <strong>AI side panels<\/strong> pose a serious <strong>data risk<\/strong>. Sensitive user data, such as <strong>active web content<\/strong>, <strong>browsing history<\/strong>, and <strong>open tabs<\/strong>, is frequently sent to a <strong>cloud-based AI back-end<\/strong>. This situation increases the risk of <strong>data leakage<\/strong> unless security and privacy settings are managed centrally.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Vulnerabilities and Agentic Threats<\/strong><\/h2>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"1024\" height=\"686\" src=\"https:\/\/metaverseplanet.net\/blog\/wp-content\/uploads\/2025\/11\/Worlds-Most-Popular-AI-Browser-Comets-Android-App-is-Out-1024x686.webp\" alt=\"\" class=\"wp-image-34700\" srcset=\"https:\/\/metaverseplanet.net\/blog\/wp-content\/uploads\/2025\/11\/Worlds-Most-Popular-AI-Browser-Comets-Android-App-is-Out-1024x686.webp 1024w, https:\/\/metaverseplanet.net\/blog\/wp-content\/uploads\/2025\/11\/Worlds-Most-Popular-AI-Browser-Comets-Android-App-is-Out-300x201.webp 300w, https:\/\/metaverseplanet.net\/blog\/wp-content\/uploads\/2025\/11\/Worlds-Most-Popular-AI-Browser-Comets-Android-App-is-Out-768x515.webp 768w, https:\/\/metaverseplanet.net\/blog\/wp-content\/uploads\/2025\/11\/Worlds-Most-Popular-AI-Browser-Comets-Android-App-is-Out-150x101.webp 150w, https:\/\/metaverseplanet.net\/blog\/wp-content\/uploads\/2025\/11\/Worlds-Most-Popular-AI-Browser-Comets-Android-App-is-Out.webp 1200w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><strong>Gartner&#8217;s<\/strong> concerns regarding <strong>agentic capabilities<\/strong> stem primarily from these browsers being vulnerable to various threats. The biggest dangers include:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Fraudulent agent actions<\/strong> resulting from <strong>indirect prompt injection<\/strong>.<\/li>\n\n\n\n<li><strong>Erroneous agent actions<\/strong> resulting from <strong>hallucinations (faulty reasoning)<\/strong>.<\/li>\n\n\n\n<li><strong>Misuse of credentials<\/strong> if the <strong>AI browser<\/strong> is autonomously redirected to a <strong>phishing website<\/strong>.<\/li>\n<\/ul>\n\n\n\n<p>The authors believe that employees using <strong>AI browsers<\/strong> to <strong>automate mandatory or repetitive tasks<\/strong> carries certain risks. For instance, an employee might instruct the AI to complete mandatory <strong>cybersecurity training<\/strong>. A more concrete scenario involves <strong>agentic browsers<\/strong> being used in internal company <strong>procurement tools<\/strong>; in this case, <strong>Large Language Models (LLMs)<\/strong> could make errors resulting in consequences like ordering the wrong office supplies or booking the wrong flight.<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity is-style-wide\"\/>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Blocking and Preventive Measures<\/strong><\/h2>\n\n\n\n<p>To mitigate these risks, <strong>Gartner<\/strong> states that the <strong>back-end AI services<\/strong> powering an <strong>AI browser<\/strong> must first be examined to understand if their <strong>security measures<\/strong> present an acceptable risk for the organization. If the <strong>back-end AI<\/strong> is approved, organizations should still teach users to ensure that highly <strong>sensitive data<\/strong> is not active in the browser tab while using the side panel for <strong>summarization<\/strong> or other <strong>autonomous actions<\/strong>.<\/p>\n\n\n\n<p>However, if it is decided that the <strong>back-end AI<\/strong> is too risky, <strong>Gartner<\/strong> advises <strong>blocking<\/strong> users from <strong>downloading<\/strong> or <strong>installing<\/strong> AI browsers.<\/p>\n\n\n\n<p>Additionally, they suggest using settings to prevent <strong>agentic browsers<\/strong> from performing certain actions, such as sending emails, and utilizing settings that ensure <strong>AI browsers<\/strong> do not <strong>store data<\/strong>. In general, analysts believe that <strong>AI browsers<\/strong> are too dangerous to use without first conducting a <strong>risk assessment<\/strong>. Even after this assessment, they note that organizations will likely face a long list of <strong>prohibited use cases<\/strong> and a continuous <strong>auditing task<\/strong> to enforce these policies.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">You Might Also Like;<\/h3>\n\n\n<ul class=\"wp-block-latest-posts__list wp-block-latest-posts\"><li><a class=\"wp-block-latest-posts__post-title\" href=\"https:\/\/metaverseplanet.net\/blog\/how-the-human-body-digests-food-in-zero-gravity\/\">How the Human Body Digests Food in Zero Gravity<\/a><\/li>\n<li><a class=\"wp-block-latest-posts__post-title\" href=\"https:\/\/metaverseplanet.net\/blog\/decoding-toyotas-cue7-basketball-robot\/\">The AI Revolution on the Court: Decoding Toyota&#8217;s CUE7 Basketball Robot<\/a><\/li>\n<li><a class=\"wp-block-latest-posts__post-title\" href=\"https:\/\/metaverseplanet.net\/blog\/the-dark-side-of-nanotechnology\/\">The Dark Side of Nanotechnology: Could Microscopic Swarms Erase Billions?<\/a><\/li>\n<\/ul>","protected":false},"excerpt":{"rendered":"<p>Analysts state that next-generation &#8220;agentic browsers&#8221; increase the risk of data leakage and credential theft due to their autonomous action capabilities. Sensitive company information sent to the artificial intelligence behind these browsers creates a major danger. Leading market analysis firms like Gartner have issued a significant warning that these new-generation AI-powered browsers, referred to as &hellip;<\/p>\n","protected":false},"author":1,"featured_media":36189,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"googlesitekit_rrm_CAown96uCw:productID":"","footnotes":""},"categories":[332],"tags":[335],"class_list":["post-36185","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ai-information","tag-ai-news"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/metaverseplanet.net\/blog\/wp-json\/wp\/v2\/posts\/36185","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/metaverseplanet.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/metaverseplanet.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/metaverseplanet.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/metaverseplanet.net\/blog\/wp-json\/wp\/v2\/comments?post=36185"}],"version-history":[{"count":0,"href":"https:\/\/metaverseplanet.net\/blog\/wp-json\/wp\/v2\/posts\/36185\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/metaverseplanet.net\/blog\/wp-json\/wp\/v2\/media\/36189"}],"wp:attachment":[{"href":"https:\/\/metaverseplanet.net\/blog\/wp-json\/wp\/v2\/media?parent=36185"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/metaverseplanet.net\/blog\/wp-json\/wp\/v2\/categories?post=36185"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/metaverseplanet.net\/blog\/wp-json\/wp\/v2\/tags?post=36185"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}