Skip to main content
Meet us at Black Hat USA 2026— Las Vegas, August 1–6Book a Meeting
Mallory
Back to intelligence
ai-platform-securityidentity-authentication-vulnerabilitydata-exfiltration-methodendpoint-software-vulnerability

SquareX Research Reveals Critical Security Vulnerabilities in AI Browsers

Updated 2d agoFirst seen Oct 9, 20256 sources

SquareX has published research highlighting significant security vulnerabilities in AI-powered web browsers, raising concerns for enterprises and consumers as these browsers gain widespread adoption. The research demonstrates that AI browsers, such as Comet, can be easily manipulated by attackers due to their task-oriented design and lack of inherent security awareness. Attackers can exploit these browsers to perform OAuth attacks, which can result in unauthorized access to sensitive enterprise SaaS applications, including email and cloud storage services like Google Drive. In one documented case, an AI browser was tricked into granting attackers full access to a victim's email and Google Drive, enabling the exfiltration of all files, including those shared by colleagues and customers. The vulnerabilities also extend to the distribution of malware and malicious links, as AI browsers can be convinced to download and execute harmful files as part of their automated workflows. SquareX warns that as major technology companies such as OpenAI, Microsoft, Google, and The Browser Company enter the AI browser market, the risk surface will expand dramatically. With Chrome and Edge accounting for 70% of the browser market, the transition to AI browsers could put millions of users at risk if security guardrails are not implemented. The research emphasizes the need for browser-native solutions that incorporate agentic identity and data loss prevention (DLP) tailored to the unique behaviors of AI agents. SquareX's findings suggest that without such measures, attackers will continue to find it trivial to bypass security controls by exploiting the automation and decision-making capabilities of AI browsers. The report also notes that AI browsers are likely to become the primary interface for internet use in the near future, making the urgency of addressing these vulnerabilities even greater. Enterprises are advised to prepare for these emerging threats by evaluating the security posture of AI browsers before widespread deployment. The research calls for industry collaboration to develop standards and best practices for securing AI-driven browsing environments. SquareX's technical blog provides detailed case studies illustrating the real-world impact of these vulnerabilities, underscoring the practical risks faced by organizations. The disclosure has prompted discussions within the cybersecurity community about the need for proactive defense strategies as AI technologies become more deeply integrated into everyday tools. Security experts echo SquareX's concerns, warning that the rapid adoption of AI browsers without adequate safeguards could lead to large-scale data breaches and malware outbreaks. The research serves as a wake-up call for both browser developers and enterprise security teams to prioritize the development and deployment of robust security mechanisms for AI-powered browsing platforms.

Share:
SquareX Research Reveals Critical Security Vulnerabilities in AI Browsers
Stay ahead

Get ahead of threats like this

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.

EVENT TIMELINE

How this story unfolded

1 event from the most recent confirmed update back to the earliest known activity.

1 EVENTS
Oct 9, 20259mo ago

SquareX discloses security risks affecting AI browsers

SquareX reported that AI-enabled browsers can be abused through OAuth attacks, malicious link distribution, and malware download scenarios, highlighting risks such as data theft and unsafe automated actions. Multiple outlets covered the same disclosure as a single research finding.

LINKED ENTITIES

Related entities

Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.

6 LINKEDOpen in app
Organizations
6 linked
The Browser CompanyOpenaiMicrosoft CorporationGoogleSquareXDomino’s Pizza Enterprises Ltd.
The operational view lives in Mallory

See the full picture, correlated to your attack surface.

This page covers what’s public. Mallory adds the parts that aren’t — which of your assets are affected, which threat actors are using it right now, which detections to deploy, and what to do next.
Exposure mapping

Map indicators from this story to your assets and identify affected systems in minutes.

Threat actor evidence

Every observed campaign, victim, and pivot linked to actors named in this story.

Associated malware

Malware, exploits, and IOCs connected to the activity described here.

Detection signatures

YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.

Scheduled alerts

Get matching new stories delivered to your team as they break — not the next morning.

AI threads

Ask questions about this story and take action on the answers.