A fundamental shift in enterprise cybersecurity is underway, with the emergence of Browser AI Agents as a new and potentially more dangerous vulnerability than human users, according to a new report from cybersecurity firm SquareX, (via Techradar).
According to the publication, once hailed for their potential to boost productivity by handling repetitive online tasks, these AI-driven browser agents are now being flagged as major security blind spots. SquareX’s research claims these automated tools are more susceptible to cyberattacks than human employees, challenging the long-standing assumption that human error is the weakest link in organisational security, the report added.
“Browser AI Agents have now overtaken employees as the primary vulnerability within enterprises,” said Vivek Ramachandran, CEO of SquareX. “They can flawlessly carry out tasks, but completely lack the intuition to detect threats.”
Unlike staff who regularly receive cybersecurity training and are increasingly aware of phishing scams, suspicious links, and unfamiliar interfaces, these AI agents operate without any security instincts, the report noted. Driven solely by tasks, they fail to assess risk or question the authenticity of the websites and applications they interact with.
In a demonstration using the open-source Browser Use framework, SquareX instructed an agent to sign up for a file-sharing service. Instead, the agent unwittingly granted access to a malicious application linked to a suspicious domain, something a trained employee would likely have flagged. In another example, an agent was duped into entering login credentials on a phishing site during what appeared to be a routine Salesforce login.
“These tools function with the same access rights as the user they represent,” the researchers explained. “That makes it incredibly difficult for traditional security solutions to distinguish between legitimate activity and compromised AI behaviour.”
Reportedly, this parity in access privileges means that, once compromised, a browser agent can give hackers unrestricted access to enterprise systems, all without triggering standard security alerts. SquareX warns that even leading cybersecurity platforms, from Endpoint Protection to Zero Trust Network Access (ZTNA) systems, are ill-equipped to deal with this emerging threat.
The company urges enterprises to adopt browser-native security solutions, such as Browser Detection and Response (BDR), which can help identify suspicious agent activity in real-time. Until major browsers integrate native safeguards for AI-driven automation, oversight mechanisms must be developed independently.
“There is an urgent need not just for smarter AI agents, but for smarter oversight,” the report concludes.
