Enterprise Security Risks of AI-Enabled Web Browsers
Gartner has issued a warning to businesses about the adoption of AI-powered or agentic web browsers, citing significant cybersecurity risks associated with these emerging technologies. These browsers, developed by both major vendors and new entrants such as OpenAI and Perplexity, offer advanced automation, content summarization, and workflow management features. However, Gartner's advisory urges CISOs to block all AI browsers for the foreseeable future, emphasizing that the convenience and efficiency gains do not outweigh the current security concerns, which include potential data leakage, unauthorized access, and the immaturity of security controls in these products.
Industry experts echo the need for caution, highlighting that while AI browsers can streamline research and personalization, they also introduce new attack surfaces and risks related to credential theft, session hijacking, and exposure of sensitive information. The rapid integration of AI into browsers has outpaced the development of robust governance, observability, and lifecycle management practices, making it critical for organizations to prioritize security and oversight before deploying these tools in business environments.

How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
Security guidance published for enterprise GenAI browser use
Security practitioners published detailed recommendations for securing browser-based GenAI use, including browser-level policies, isolation, data controls, SSO enforcement, extension monitoring, and continuous telemetry. The guidance framed enterprise browser use of GenAI as a growing risk area requiring structured governance rather than ad hoc adoption.
Gartner warns businesses to block AI browsers
Gartner analysts advised CISOs to block AI-powered or agentic browsers in enterprise environments, citing immature security controls, data leakage risks, prompt injection exposure, and unsafe default settings. Multiple later reports and commentary referenced this warning as the key triggering event in the story.
Sources
Securing GenAI in the Browser: Policy, Isolation, and Data Controls That Actually Work (thehackernews.com)
Gartner Tells Businesses to Block AI Browsers Now (fortra.com)
Gartner urges businesses to 'block all AI browsers' - what's behind the dire warning (zdnet.com)
Automation Without Risks: Staying Secure with AI Browsers (securitysenses.com)


