TZUTC: -0500
MSGID: 1810.consprcy@1:2320/105 2d9d69d6
PID: Synchronet 3.21a-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
TID: SBBSecho 3.28-Linux master/123f2d28a Jul 12 2025 GCC 12.2.0
BBSID: CAPCITY2
CHRS: ASCII 1
FORMAT: flowed
Gartner advisory states AI browsers are NOT your friend  and they are putting
your business at risk

Date:
Mon, 08 Dec 2025 15:14:04 +0000

Description:
AI browsers pose a threat to data protection, financial information, and
security postures.

FULL STORY

Analyst firm Gartner has advised organizations to block AI browsers from use,
warning of the potential for data-exposure or autonomous actions performed by
agentic browsers on malicious websites. 

The main observation given by researcher VP Dennis Xu, senior director 
analyst Evgeny Mirolyubov, and VP analyst John Watts was that, Default AI
browser settings prioritize user experience over security. 

AI browsers, such as OpenAIs ChatGPT Atlas, are often employed to boost
efficiency by using autonomous navigation, workflows, and data collection -
but they can be tricked by malicious webpages into collecting and 
transferring sensitive information such as bank account details, credentials,
and emails.

"Happy to hack you " 

The Gartner analysts summarized an agentic browser to include two key
features: The ability to interact with web content using the developers AI
model, offering functions such as content summarization, data gathering,
translation, and search capabilities. The ability to complete tasks
autonomously on websites, especially within authenticated sessions. 

Many agentic browsers do not allow for the use of AI functions within a local
LLM, which means that user data, ranging from web content to browsing history
and open tabs, is often sent to the cloud-based AI back end, increasing the
risk of data exposure unless security and privacy settings are deliberately
hardened and centrally managed. 

Ultimately, it is down to each individual organization to perform an
assessment of the AI browser's back end services to see if they are compliant
with an organizations cybersecurity and data protection policies. But even if
they pass, they can still be used in a way that presents further risks to the
organization. 

In this case, the user themselves may provide the browser with an unnecessary
amount of sensitive information just by having sensitive data open in the 
same web browser window while using the browsers AI assistant. 

Furthermore, as agentic browsers can complete actions autonomously, Gartner
warns that employees could be tempted to use AI browsers and automate certain
tasks that are mandatory, repetitive, and less interesting, such as
cybersecurity training. 

Gartner suggests that organizations who continue to use agentic browsers
should Educate users that anything they are viewing could potentially be sent
to the AI service back-end to ensure they do not have highly sensitive data
active on the browser tab while using the AI browsers sidebar to summarize or
perform other autonomous actions. 

Commenting on the Gartner advisory, Javvad Malik, Lead Security Awareness
Advocate at KnowBe4 said: 

"AI features have introduced tension in cybersecurity, requiring people to
assess the trade-off between productivity and security risks. While agentic
browsers promise many features to enhance user experience, we are still in
early stages where the risks are not well understood and default
configurations prioritize convenience over security, something we see in many
technologies." 

"However, blanket bans are rarely sustainable long-term strategies. Instead,
the focus should be on risk assessments that evaluate the specific AI 
services powering these browsers. This can allow for measured adoption while
maintaining necessary oversight. As we find more and more AI agents making
their way into every aspect of technology, organizations need to have
playbooks in place to assess, and protect AI agents, and enable them to work
within the organization according to their own needs and risk appetite". 

Via The Register

======================================================================
Link to news story:
https://www.techradar.com/pro/security/gartner-advisory-states-ai-browsers-are
-not-your-friend-and-are-putting-your-business-at-risk

$$
--- SBBSecho 3.28-Linux
 * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)
SEEN-BY: 105/81 106/201 128/187 129/14 305 153/7715 154/110 218/700
SEEN-BY: 226/30 227/114 229/110 134 206 300 307 317 400 426 428 470
SEEN-BY: 229/664 700 705 266/512 291/111 320/219 322/757 342/200 396/45
SEEN-BY: 460/58 633/280 712/848 902/26 2320/0 105 304 3634/12 5075/35
PATH: 2320/105 229/426