This article from Brave’s security team highlights a significant security risk in agentic browsers, where they can be tricked into doing things such as stealing credentials. They demonstrate a proof of concept in the article.
Agentic browsers have a built-in AI assistant that can browse the web and perform tasks on your behalf. While they speak about Perplexity’s Comet browser, know that Edge with Co-pilot has these same vulnerabilities. There are many in development.
The article details a vulnerability called indirect prompt injection. This attack allows a bad actor to hide malicious instructions on a webpage that the AI will follow as if they were legitimate commands.
Traditional browsers like Firefox that are designed for human use only and lack these autonomous AI capabilities are not vulnerable to this specific attack.
That’s hilariously bad!
