Warning: AI Browsers Can Operate Autonomously but Lack Strict Controls, Risking Data Leaks Without Awareness

In this new era of technology, it is undeniable that AI is becoming part of everything—from wearable gadgets that users carry with them constantly to software where AI is now either a component or an assistant. Recently, a new battleground is emerging around browsers—the web browsers we use every day.

In July 2025, Perplexity launched an AI browser called Comet. Shortly after, in October, OpenAI introduced its competitor named Atlas. This gave people worldwide a new way to use AI—not just by typing questions in a chat, but by having AI integrated into the browser to perform tasks on the user's behalf. However, this has raised concerns among analysts about potential consequences.

How does an AI Browser work?

An AI browser acts as a personal assistant that can summarize information on web pages, emails, and even perform repetitive, time-consuming tasks or fill in information for the user. In simple terms, it automates web browsing, making searching and usage more convenient and user-friendly.

However, Gartner recently warned that this automation in browsers is a double-edged sword. When AI can access websites where users are logged in (Authenticated Web Resources), it may gain access to customer data, financial information, strategic data, and personally identifiable information (PII). If configurations are not strict, this could lead to critical data leaks.

Five Cybersecurity Risks from AI Browsers

Allowing AI browsers to operate grants them access to view sensitive data, which could be used to train AI models improperly if settings are incorrect. According to the Gartner report "Cybersecurity Must Block AI Browsers for Now" by analysts Dennis Xu, Evgeny Mirolyubov, and Jon Watts, the automated nature of AI browsers combined with login-required websites could threaten data security.

The risk of data leaks is similar to challenges organizations face when using ChatGPT or Copilot. Protecting data in ChatGPT requires policy frameworks, processes, and technology working together. AI browsers, however, elevate these risks with five main threats:

• Prompt Injection Attacks Embedding malicious commands to trick AI into performing unauthorized actions.
• Unapproved Data Sharing/Training Sharing data or using it for model training without permission.
• Credential Abuse Misusing authentication credentials.
• Shadow AI and Shadow IT Using AI outside of security team control.
• Automating Security Awareness Training Replacing human-led security training processes with AI automation.

Gartner offers technical recommendations organizations can initially implement to reduce AI browser risks, including:

• Assess Platform Risks Organizations should thoroughly review backend systems of AI browser services to weigh benefits against risks. Those who have previously approved ChatGPT or Perplexity usage may already have baseline evaluations.
• Catalogue Sensitive Data With widespread AI use, including unmanaged Shadow AI, identifying and classifying critical data urgently becomes necessary. AI-native solutions like Forcepoint Data Security Posture Management help organizations know where data resides, who accesses it, and its risk level—key to a secure AI strategy.
• Restrict Access Unlike many AI apps, AI browsers currently have few market players. Gartner advises organizations to prevent employees from downloading or using these browsers until clear policies are established.
• Proactively Protect Data Organizations must ensure users access only the data necessary for their roles. If Prompt Injection enables attackers to reach logged-in web data, security systems should detect abnormal behavior, adapt to risks, and prevent escalation.

Source:Gartner

Follow the Facebook page: Thairath Money at the link below -https://www.facebook.com/ThairathMoney