New Browser Security Report Reveals Emerging Threats for Enterprises

New Browser Security Report Reveals Emerging Threats for Enterprises

The 2025 Browser Security Report identifies browsers as the primary vector for corporate data leaks, with 32% of leaks linked to GenAI tools and unmanaged extensions. Over 77% of employees paste sensitive data into GenAI prompts, often from personal accounts.

Why This Matters

Traditional security tools like DLP and EDR operate at layers below the browser, leaving a critical blind spot. The report highlights that 32% of corporate-to-personal data movement occurs through browsers, where unmonitored copy/paste actions, AI-powered session memory leakage, and sideloaded extensions create unmanaged risk surfaces. Legacy systems fail to enforce policies on GenAI prompts or detect session hijacking via cookies, enabling silent data exfiltration.

Key Insights

• “32% of corporate data leaks through browsers, 2025” – Browser Security Report 2025
• “AI browsers like Atlas and Perplexity create unmonitored attack surfaces via auto-prompting and session memory leakage”
• “26% of enterprise extensions are sideloaded, 6% of GenAI extensions are malicious”

Practical Applications

• Use Case: Enterprises using AI browsers risk data leakage through auto-prompting and session memory exposure.
• Pitfall: Relying on SSO without browser-level session isolation allows 68% of logins to bypass identity governance.

References:

• https://thehackernews.com/2025/11/new-browser-security-report-reveals.html