Some agentic AI browsers come with major cybersecurity risks, UW study finds

Staff Editor 2026-06-30

Some agentic AI browsers come with major cybersecurity risks, UW study finds

https://www.newswise.com/articles/some-agentic-ai-browsers-come-with-major-cybersecurity-risks-uw-study-finds

Publish Date: 2026-06-30 14:55:00

Source Domain: www.newswise.com

In the last year or so, artificial intelligence companies have rolled out a spate of web browsers equipped with AI agents. A user might ask one of these agents to plan a vacation and it will open browser tabs to research routes and restaurants, then make reservations and add events to the user’s calendar. How well it does any of this varies.

New research from the University of Washington found that the most powerful of these browsers also open users up to significant cybersecurity risks. A UW team studied seven popular agentic browsers and found that four create ways for malicious actors to bypass a fundamental cybersecurity protocol called the “same-origin policy,” which makes websites that are open in a browser unable to interact with each other’s information.

Researchers ran a successful proof-of-concept cyberattack on one browser, ChatGPT Atlas. They had a website steal information from another that was embedded in it — as if an ad on an email site could snatch sensitive info from the user’s emails. Researchers also found the right conditions for similar attacks in three other browsers: Chrome with Gemini, Claude for Chrome and Perplexity Comet. The browsers that gave agents fewer permissions were generally safer. 

“Browser agents aren’t ready for the public,” said co-senior author David Kohlbrenner, a UW assistant professor in the Paul G. Allen School of Computer Science & Engineering. “Even if you’re a relatively savvy user, if these agents have access to a browser that contains your credentials — your email, your bank account, whatever it is — you should not trust that these systems are ready to truly protect your information. They may get there in time, but they’re not there yet.” 

The team presented its research April 26 at the Agents in the Wild Workshop in Rio de Janeiro. 

The same-origin policy, introduced in 1995, is an essential security measure of the modern web. It keeps different websites from…

Source

More Stories

Rubrik CEO: Why Frontier AI Is A ‘Reckoning For The Cybersecurity Industry’

Rubrik CEO: Why Frontier AI Is A ‘Reckoning For The Cybersecurity Industry’

Staff Editor 2026-06-30
U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog

Staff Editor 2026-06-30
Lakelands Public Health reveals cybersecurity incident

Lakelands Public Health reveals cybersecurity incident

Staff Editor 2026-06-30

Terms and Conditions - Privacy Policy