Early versions of artificial-intelligence browsers are exposing users to cyber-attacks, researchers at SquareX have warned. Their latest study on the Comet AI browser found that embedded “agentic” systems, designed to automate tasks like booking flights or managing calendars, can be tricked into granting hackers access to private accounts and emails.

“These AI agents are not security-aware,” said SquareX researcher Audrey Adeline. “It’s very easy for attackers to make them think malicious tasks are required.”

While developers including Browserbase and partners such as 1Password are working to build safer authentication systems, vulnerabilities remain. Adeline said her team identified four successful exploits within weeks of testing. Industry leaders liken the process to the early days of cloud computing, promising but perilous until the infrastructure matures.