• Home
  • News
    • Global Operations
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
    • Industry
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
    • Special Interest
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
  • Market
    • Wired to Win
    • SOFX.NET
  • Intelligence
    • USMC Deception Manual
  • Resources
    • Contact Us
    • About Us
    • Editorial Policy
    • Privacy Policy
  • Home
  • News
    • Global Operations
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
    • Industry
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
    • Special Interest
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
  • Market
    • Wired to Win
    • SOFX.NET
  • Intelligence
    • USMC Deception Manual
  • Resources
    • Contact Us
    • About Us
    • Editorial Policy
    • Privacy Policy
Login
Join Free
Home
Asia
Africa
Europe
Latin America
Middle East
North America
Asia
Africa
Europe
Latin America
Middle East
North America
Asia
Africa
Europe
Latin America
Middle East
North America
Coming Soon
Job Board
Events
Contact Awards
USMC Deception Manual
Login
Join Free
Home Global Operations

Three Research Teams Flag AI Browsers as Security Risk, Vendors Largely Silent

  • SOFX Staff Writer
  • July 6, 2026
(Credit: Koshiro K / Shutterstock.com)
Share on FacebookShare on TwitterLinkedIn

Three independent security research teams published warnings about AI-powered browsers in under four months, with multiple leading vendors declining to act on the findings.

The most recent disclosure, published June 29, 2026 by cybersecurity firm LayerX, demonstrated a technique called BioShocking that tricked six agentic browsers, which use embedded AI to execute tasks autonomously, into surrendering user credentials by bypassing their safety guardrails.

The affected platforms included OpenAI’s ChatGPT Atlas, Perplexity AI’s Comet, Anthropic’s Claude Chrome plugin, Fellou, Genspark Browser, and Sigma Browser. Only one of the six vendors acted on the disclosure.

The attack works by presenting the browser’s embedded large language model (LLM) with a puzzle that rewards intentionally wrong answers. Once the LLM processes that incorrect responses are valid, it stops enforcing its safety restrictions.

“Once the agents figured out the rules and learned that ‘incorrect’ actions are acceptable, they were no longer tied to reality,” LayerX researcher Roy Paz wrote. “When tasked with compromising user credentials, all six agents failed to identify it as going against their safety guardrails.”

A separate University of Washington study, also released in late June, found that four of seven tested agentic browsers could be manipulated to bypass the same-origin policy (SOP), a core web security protocol in place since 1995.

The team ran a successful proof-of-concept attack on ChatGPT Atlas and found the same conditions in Chrome with Gemini, Claude for Chrome, and Perplexity Comet. Perplexity AI and OpenAI declined the report. Anthropic did not respond.

“After 30 years of building up this same-origin policy, this is a big step back for browser security,” said UW Professor Franziska Roesner.

Both findings follow a March 2026 Zenity Labs disclosure identifying PleaseFix, a separate family of vulnerabilities in Perplexity’s Comet browser that allowed credential theft through prompt injection and was subsequently patched by the vendor prior to release.

SOFX Staff Writer

SOFX Staff Writer

The Editor Staff at SOFX comprises a diverse, global team of dedicated staff writers and skilled freelancers. Together, they form the backbone of our reporting and content creation.

Subscribe
Login
Notify of
guest
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
ADVERTISEMENT

Trending News

Iran’s ‘Jellyfish’ Drone Swarm Reveals Tech Leap to Global Military Analysts

Iran’s ‘Jellyfish’ Drone Swarm Reveals Tech Leap to Global Military Analysts

by SOFX Staff Writer
June 25, 2026
0

The F-15E Strike Eagle pilot rescued from Iran in April told U.S. intelligence officials he observed multiple Iranian drones moving...

Ukraine Said to Deploy AI Drones That Identify Human Targets via Facial and Heat Signatures

Ukraine Said to Deploy AI Drones That Identify Human Targets via Facial and Heat Signatures

by SOFX Staff Writer
May 22, 2026
0

Russian military bloggers claim Ukraine has started deploying drones equipped with artificial intelligence systems capable of identifying and guiding themselves...

Supreme Court Says Geofence Location Sweeps Count as Fourth Amendment Searches

Supreme Court Says Geofence Location Sweeps Count as Fourth Amendment Searches

by SOFX Staff Writer
June 30, 2026
0

The U.S. Supreme Court on Monday ruled that law enforcement's use of geofence warrants is subject to Fourth Amendment protections,...

Palantir CEO Blasts AI Industry as ‘Effing Insane’ During Interview

Palantir CEO Blasts AI Industry as ‘Effing Insane’ During Interview

by SOFX Staff Writer
July 3, 2026
0

Palantir CEO Alex Karp accused leading artificial intelligence companies of overcharging customers, exploiting business data and putting U.S. national security...

ADVERTISEMENT
ADVERTISEMENT
Next Post
Russian Hackers Put UK Government and NHS Logins Up for Sale on Dark Web

Russian Hackers Put UK Government and NHS Logins Up for Sale on Dark Web

Ukraine Reveals Secret NSM and Harpoon Coastal Defense Missile Systems for the First Time

Ukraine Reveals Secret NSM and Harpoon Coastal Defense Missile Systems for the First Time

997 Morrison Dr. Suite 200, Charleston, SC 29403

News

  • Global Operations
  • Special Interest
  • Industry
  • Global Operations
  • Special Interest
  • Industry

Resources

  • About Us
  • Contact Us
  • Advertise with Us
  • Editorial Policy
  • Privacy Policy
  • About Us
  • Contact Us
  • Advertise with Us
  • Editorial Policy
  • Privacy Policy
No Result
View All Result
  • Home
  • News
    • Global Operations
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
    • Industry
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
    • Special Interest
      • Asia
      • Africa
      • Europe
      • Latin America
      • Middle East
      • North America
      • Oceana
  • Market
    • Wired to Win
    • SOFX.NET
  • Intelligence
    • USMC Deception Manual
  • Resources
    • Contact Us
    • About Us
    • Editorial Policy
    • Privacy Policy
Subscribe
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.

Log in to your account

Lost your password?
wpDiscuz