Latest news with #SquareX
Mint
01-07-2025
- Business
- Mint
AI in the browser may be a hacker's new favourite target: Here's how
A fundamental shift in enterprise cybersecurity is underway, with the emergence of Browser AI Agents as a new and potentially more dangerous vulnerability than human users, according to a new report from cybersecurity firm SquareX, (via Techradar). According to the publication, once hailed for their potential to boost productivity by handling repetitive online tasks, these AI-driven browser agents are now being flagged as major security blind spots. SquareX's research claims these automated tools are more susceptible to cyberattacks than human employees, challenging the long-standing assumption that human error is the weakest link in organisational security, the report added. 'Browser AI Agents have now overtaken employees as the primary vulnerability within enterprises,' said Vivek Ramachandran, CEO of SquareX. 'They can flawlessly carry out tasks, but completely lack the intuition to detect threats.' Unlike staff who regularly receive cybersecurity training and are increasingly aware of phishing scams, suspicious links, and unfamiliar interfaces, these AI agents operate without any security instincts, the report noted. Driven solely by tasks, they fail to assess risk or question the authenticity of the websites and applications they interact with. In a demonstration using the open-source Browser Use framework, SquareX instructed an agent to sign up for a file-sharing service. Instead, the agent unwittingly granted access to a malicious application linked to a suspicious domain, something a trained employee would likely have flagged. In another example, an agent was duped into entering login credentials on a phishing site during what appeared to be a routine Salesforce login. 'These tools function with the same access rights as the user they represent,' the researchers explained. 'That makes it incredibly difficult for traditional security solutions to distinguish between legitimate activity and compromised AI behaviour.' Reportedly, this parity in access privileges means that, once compromised, a browser agent can give hackers unrestricted access to enterprise systems, all without triggering standard security alerts. SquareX warns that even leading cybersecurity platforms, from Endpoint Protection to Zero Trust Network Access (ZTNA) systems, are ill-equipped to deal with this emerging threat. The company urges enterprises to adopt browser-native security solutions, such as Browser Detection and Response (BDR), which can help identify suspicious agent activity in real-time. Until major browsers integrate native safeguards for AI-driven automation, oversight mechanisms must be developed independently. 'There is an urgent need not just for smarter AI agents, but for smarter oversight,' the report concludes.
Techday NZ
30-06-2025
- Business
- Techday NZ
Browser AI agents seen as bigger security risk than employees
SquareX's latest research suggests that Browser AI Agents now pose a greater security risk to organisations than employees. Browser AI Agents are software programs that perform browser-based tasks for users, including booking flights, scheduling meetings, and conducting research. Their usage has seen considerable growth, with a PWC survey indicating that 79% of organisations have already adopted some form of browser agent. These agents offer measurable productivity gains, but SquareX's analysis found that their security awareness is limited compared to that of human employees. Unlike people, Browser AI Agents do not participate in regular security training and lack the ability to detect common warning signs found in malicious websites, such as suspicious URLs or unnecessary permission requests. The company's research highlights that even fundamental security practices can be missed by Browser AI Agents. For example, while a human might notice and avoid a dubious website or application, agents are more likely to proceed, often exposing sensitive company data. SquareX pointed out the additional challenge that writing prompts to manage security risks for every agent task can undermine productivity gains, and most users are unlikely to have the expertise to do so effectively. To demonstrate these risks, SquareX conducted an experiment using the widely adopted open-source Browser Use framework. In this scenario, the Browser AI Agent was asked to find and register for a file-sharing tool. During the process, the agent fell victim to an OAuth attack, inadvertently granting a malicious application full access to the user's email account. This occurred despite several signals — such as requests for irrelevant permissions, unfamiliar branding, and suspicious URLs — that would likely have caused a human operator to hesitate. SquareX's team warned that similar scenarios could see agents unknowingly expose sensitive information, such as credit card data during online purchases or responding to phishing emails with confidential details. The inability of traditional security tools and browsers to distinguish between human and agent actions exacerbates this risk, as malicious instructions can be executed without intervention. Industry perspective Vivek Ramachandran, Founder & CEO of SquareX, commented on the findings, explaining the shift in security risk within organisations: "The arrival of Browser AI Agents have dethroned employees as the weakest link within organizations. Optimistically, these agents have the security awareness of an average employee, making them vulnerable to even the most basic attacks, let alone bleeding-edge ones. Critically, these Browser AI Agents are running on behalf of the user, with the same privilege level to access enterprise resources. Until the day browsers develop native guardrails for Browser AI Agents, enterprises must incorporate browser-native solutions like Browser Detection and Response to prevent these agents from being tricked into performing malicious tasks. Eventually, the new generation of identity and access management tools will also have to take into account Browser AI Agent identities to implement granular access controls on agentic workflows." Security professionals are being advised to introduce browser-integrated protections and to treat the actions of Browser AI Agents with the same scrutiny as those of human users. Technical implications With traditional security tools unable to identify whether actions in the browser stem from a human or an AI agent, the potential for undetected compromise rises. The need for browser-native threat detection and response tools, capable of safeguarding both employees and automated agents, is therefore becoming more pressing. SquareX's findings further suggest that as the use of Browser AI Agents becomes more common, identity and access management systems will need to evolve. These systems must recognise and regulate AI agents to ensure that access privileges and security policies can be applied accurately to all entities operating within an organisation's digital infrastructure. The company recommends that organisations take a proactive approach, reviewing and updating their browser security frameworks in line with these developments. Without new guardrails, the delegation of routine tasks to Browser AI Agents may inadvertently increase the attack surface for cybercriminals targeting enterprises.
Business Insider
30-06-2025
- Business
- Business Insider
SquareX Reveals that Employees are No Longer the Weakest Link, Browser AI Agents Are
Palo Alto, California, June 30th, 2025, CyberNewsWire Every security practitioner knows that employees are the weakest link in an organization, but this is no longer the case. SquareX's research reveals that Browser AI Agents are more likely to fall prey to cyberattacks than employees, making them the new weakest link that enterprise security teams need to look out for. Browser AI Agents are software applications that act on behalf of users to access and interact with web content. Users can instruct these agents to automate browser-based tasks such as flight bookings, scheduling meetings, sending emails, and even simple research tasks. The productivity gains that Browser AI Agents provide make them an extremely compelling tool for employees and organizations alike. Indeed, a survey from PWC found that 79% of organizations have already adopted browser agents today. Yet, Browser AI Agents expose organizations to a massive security risk. These agents are trained to complete the tasks they are instructed to do, with little to no understanding of the security implications of their actions. Unlike human employees, Browser AI Agents are not subject to regular security awareness training. They cannot recognize visual warning signs like suspicious URLs, excessive permission requests, or unusual website designs that typically alert employees of a malicious site. Consequently, Browser AI Agents are more likely to fall prey to browser-based attacks than even a regular employee. Even if it is possible for users to add these guardrails, the overhead required to extensively write the security risk of every task performed by the agent in every prompt would probably outweigh the productivity gains. More importantly, employees using Browser AI Agents are unlikely to have enough security expertise to be able to write such a prompt in the first place. With the popular open-source Browser Use framework used by thousands of organizations, SquareX demonstrated how the Browser AI Agent, instructed to find and register for a file-sharing tool, succumbed to an OAuth attack. In the process of completing its task, it granted a malicious app complete access to the user's email despite multiple suspicious signals - irrelevant permissions, unfamiliar brands, suspicious URLs - that likely would have stopped most employees from granting these permissions. In other scenarios, these agents might expose the user's credit card information to a phishing site while trying to purchase groceries or disclose sensitive data when responding to emails from an impersonation attack. Unfortunately, neither browsers nor traditional security tools can differentiate between actions performed by users and these agents. Thus, it is critical for enterprises working with Browser AI Agents to provide browser-native guardrails that will prevent agents and employees alike from falling prey to these attacks. Vivek Ramachandran, Founder & CEO of SquareX, warns, 'The arrival of Browser AI Agents have dethroned employees as the weakest link within organizations. Optimistically, these agents have the security awareness of an average employee, making them vulnerable to even the most basic attacks, let alone bleeding-edge ones. Critically, these Browser AI Agents are running on behalf of the user, with the same privilege level to access enterprise resources. Until the day browsers develop native guardrails for Browser AI Agents, enterprises must incorporate browser-native solutions like Browser Detection and Response to prevent these agents from being tricked into performing malicious tasks. Eventually, the new generation of identity and access management tools will also have to take into account Browser AI Agent identities to implement granular access controls on agentic workflows.' To learn more about this security research, users can visit . SquareX's research team is also holding a webinar on July 11, 10am PT/1pm ET to dive deeper into the research findings. To register, users can click here. About SquareX SquareX's browser extension turns any browser on any device into an enterprise-grade secure browser. SquareX's industry-first Browser Detection and Response (BDR) solution empowers organizations to proactively detect, mitigate, and threat-hunt client-side web attacks, including malicious browser extensions, advanced spearphishing, browser-native ransomware, genAI DLP, and more. Unlike legacy security approaches and cumbersome enterprise browsers, SquareX seamlessly integrates with users' existing consumer browsers, ensuring enhanced security without compromising user experience or productivity. By delivering unparalleled visibility and control directly within the browser, SquareX enables security leaders to reduce their attack surface, gain actionable intelligence, and strengthen their enterprise cybersecurity posture against the newest threat vector - the browser. Find out more on Contact
Forbes
30-06-2025
- Forbes
Change Your Browser Settings Now—‘Massive Security Risk'
Warning as new AI attacks surface A new warning has just been issued for Chrome and Edge users, as the feared tidal wave of AI attacks takes on an alarming new dimension. It turns out that the latest buzz around agentic AI might be a security nightmare suddenly come true. The warning comes courtesy of SquareX. 'Every security practitioner knows that employees are the weakest link in an organization,' it says. 'But what if this is no longer the case?' It turns out that the browser agents now used by 79% of organizations might be doing more than saving time and money — they might be putting everyone at risk. Google already warns Chrome users to enable Safe Browsing. 'Each time that you visit a website or attempt a downloads,' it says, 'Chrome checks with Safe Browsing based on the protection level that you've selected.' But there's a level of protection beyond this. Enhanced protection is 'Google's most secure browsing experience, [and]Chrome users will be hardest hit by this warning, given the scale of its user base. But Edge also offers levels of protection. If you're using agents, set your browser protection to its highest level while doing so. It's nowhere near a catch-all, but it helps. This is important because it turns out AI tools have the cyber awareness of a toddler. And if you ever let your toddler loose on your work PC, you'd switch everything on. 'Browser AI Agents expose organizations to a massive security risk,' SquareX warns. 'These agents are trained to complete the tasks they are instructed to do, with little to no understanding of the security implications of their actions.' This means no savvy awareness, no training, no sense of danger. 'They cannot recognize visual warning signs like suspicious URLs, excessive permission requests, or unusual website designs that typically alert employees of a malicious site.' For attackers, this becomes child's play. Poison search results for typical tasks an agent might be given, and then harvest credentials or push malicious downloads, all without the agent's handler ever knowing there's an issue of any kind. Search result for 'salesforce' showing a phishing site as the first result due to a malvertising ... More campaign. 'Browser AI Agents are more likely to fall prey to browser-based attacks than even a regular employee,' SquareX says. 'Even if it is possible for users to add guardrails, the overhead required to extensively write the security risk of every task performed by the agent in every prompt would probably outweigh the productivity gains.' As with so many AI upgrades rapidly hitting phones and computers, the threats are not yet fully understood and the user base is too excited by the productivity gains to worry about the downsides. That will change. And beyond the security risks, there are also a raft of privacy concerns that similarly are just starting to hit home. As AI "becomes increasingly integrated into daily workflows,' a new report from Incogni warns, 'the potential for unauthorized data sharing, misuse, and personal data exposure has surged faster than privacy watchdogs or assessments can keep up with.' In its proofs of concept, SquareX shows how a Browser AI Agent, "instructed to find and register for a file sharing tool, succumbed to an OAuth attack." This then 'granted a malicious app complete access to the user's email despite multiple suspicious signals - irrelevant permissions, unfamiliar brands, suspicious URLs — that likely would have stopped most employees from granting these permissions.' In the same way, credit card information, access to file sharing apps, enterprise system credentials and any other web based tool the agent might find can be hacked. The risk stems from the agent operating with the user's authentication and access rights, but in the background without ever checking back to ensure risks are not being taken. As SquareX's Vivek Ramachandran told me, 'this attack works due to two core reasons. First, providers have no way to create a sub-identity for Browser AI Agents running on behalf of the user where further granular controls can be applied. This allows all Browser AI Agents to run on the same privilege levels as the user, providing them access to all enterprise SaaS apps, data and company resources that a real user has access to.' The answer is for enterprises "to provide browser-native guardrails that will prevent agents and employees alike from falling prey to these attacks.' Unfortunately, right now that's easier said than done.
Techday NZ
10-06-2025
- Techday NZ
Exclusive: SquareX's Audrey Adeline on why the browser is 'the new endpoint'
The browser is the new battleground. That's the message from Audrey Adeline of cybersecurity company SquareX, who has launched a practical Browser Detection and Response Manual to help organisations understand and defend against attacks in what she calls "the most used app on your device." "Eighty per cent of the time spent on a device is now in the browser," she explained to TechDay during a recent interview. "Yet it's one of the least protected surfaces in cybersecurity." Unveiled at the RSA Conference (RSAC'25) earlier this year, the manual has struck a chord with security leaders worldwide, selling out quickly and prompting strong feedback. The manual, written by Audrey Adeline and Vivek Ramachandran is titled: 'The Browser Security Field Manual'. "We were one of the top-selling books at the RSA bookstore," Adeline said. "A lot of CISOs reached out to us afterwards to say it helped their teams rethink browser security." Originally from Indonesia, Adeline's own path into tech was unconventional. "I grew up in a very traditional economy. Most of my family ran consumer businesses - nobody was in STEM," she said. After studying biochemistry at Cambridge and working in cancer research, she pivoted into consulting, and eventually joined Sequoia to evaluate tech companies, including cybersecurity firms. Her passion for deep tech and research led her to SquareX, where she now leads the Year of Browser Bugs (YOBB) project, uncovering browser-based architectural vulnerabilities each month. These include high-profile exploits like polymorphic extensions, which can impersonate legitimate browser tools like password managers and crypto wallets. "The danger is users don't realise they're entering credentials into a fake extension," Adeline explained. "These are architectural issues that legitimate browser features enable, and they're much harder to detect or patch." That urgency drove the creation of the manual. "We kept seeing the same problem - people using the browser constantly, but having very little visibility or protection," she said. "Existing tools just don't give you a clear picture of how the breach occurred." The manual's first edition is now being followed by a second, set for release at DEF CON and Black Hat in August. It will feature commentary from CISOs at Fortune 500 companies to ground the guidance in real-world enterprise experience. "We didn't want to just make it theoretical," Adeline said. "Each chapter now includes perspectives on actual problems faced by security teams." Access to the manual is currently via request form, though Adeline said digital availability is expected closer to August. Developing the manual was not without challenges. "The biggest hurdle was the lack of consolidated resources," she said. "There's research out there, but it's scattered. We had to pull together a lot of primary sources and make it digestible - from beginner concepts to advanced attacks." Browser-based threats have spiked recently, with attackers targeting the browser as the new endpoint for enterprise data. "Think about it," she said. "We don't download files anymore. Our files, apps, identities - everything is now in the browser. It's where 60 to 70 per cent of enterprise data lives." Adeline warned that the shift in attacker behaviour is permanent. "It's not just a trend. There's a fundamental change in how we work, and attackers are following the data." To help teams assess their own posture, SquareX has also launched a free browser attack testing tool. "Seeing is believing," she said. "You can test against 49 different browser-based attacks and see which ones bypass your current solutions." She sees two main approaches to browser defence: dedicated secure browsers, or solutions like SquareX's browser extension, which converts any existing browser into a secure one. "Most organisations can't migrate everyone to a new browser," she said. "Extensions are more practical, and updates are seamless." SquareX positions itself as the EDR for the browser, focusing on detection and response at a granular level. "We're obsessed with user experience. You can't compromise productivity just to get security," she said. The company's design avoids the risks of dedicated browsers, which often lag behind on security patches. "Every time Chrome issues a patch, those browsers need to be updated manually. That creates a gap where zero-days can thrive," she explained. Future plans include a red team edition of the manual and continuous updates as attacks evolve. "I wouldn't be surprised if there are multiple versions by next year," Adeline said. Her advice to security leaders just waking up to the browser as a threat vector is clear: "You need browser-native security to tackle browser-native threats." Adeline believes the industry must go beyond reacting to breaches and start anticipating them. "The best defence is understanding what attackers are doing," she said. "You can't just play catch-up." For her, the inclusion of peer input in the manual is crucial. "Security leaders want to hear from their peers. They need validation that this is a permanent shift, not a passing concern," she said. Asked what's changed to make browsers such a prime target now, Adeline points to a confluence of technology and behaviour. "Chrome has added countless new features like WebAssembly and WebRTC. These make browsers powerful enough to replace local apps," she explained. "Since COVID, we've seen everything move online. Now attackers are simply going where the data is." "The browser is the new endpoint," she said. "It's where we work - and where we're vulnerable."
