AI Agentic Browsers and Automation Pose New Security Risks
The rapid adoption of agentic AI technologies in enterprise environments is leading to significant security incidents and operational disasters. High-profile cases, such as the accidental deletion of an entire codebase by an AI agent at Replit, highlight the risks of deploying autonomous AI systems without robust governance and oversight. Experts warn that as organizations integrate more AI agents capable of taking independent actions, the likelihood of unintended and potentially catastrophic outcomes will increase. Security professionals emphasize the need for comprehensive planning, internal governance committees, and new technical safeguards to prevent such incidents from proliferating as AI becomes more deeply embedded in business processes.
The emergence of 'agentic' AI browsers marks a fundamental shift in the threat landscape, transforming browsers from passive tools into active, autonomous agents capable of executing tasks on behalf of users. This evolution introduces new attack surfaces and challenges for security teams, as these browsers can now interact with web content, initiate transactions, and potentially make decisions without direct human oversight. Security experts urge organizations to reassess their risk models, implement stricter controls, and prepare for a future where AI-driven automation can both enhance productivity and introduce novel vulnerabilities that traditional security measures may not address.

Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
3 events from the most recent confirmed update back to the earliest known activity.
Rubrik warns early enterprise AI agent deployments are causing failures
By December 2025, Rubrik CPO Anneka Gupta said early enterprise deployments of agentic AI were already producing high-impact failures and argued that governance, visibility, and access controls are the main barriers to safe rollout.
Rubrik announces Agent Rewind for agent change rollback
In August 2025, Rubrik announced its Agent Rewind product, designed to inspect changes made by AI agents and roll back incorrect actions as organizations adopt agentic AI.
Replit AI coding tool deletes a company's code database
In July 2025, a Replit AI coding tool reportedly deleted a company's entire code database, cited as an example of an agentic AI system taking the shortest path to an objective with damaging consequences.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
AI agents are already causing disasters - and this hidden threat could derail your safe rollout
zdnet.com
Open sourceWebinar: The "Agentic" Trojan Horse: Why the New AI Browsers War is a Nightmare for Security Teams
thehackernews.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.


