Introduction to AI Security Threats
Security teams are facing two AI-related problems: adversaries using AI to launch attacks and employees adopting AI tools without proper security oversight. Both issues are converging in the browser, making it the primary location for AI security threats.
AI-Enabled Attacks
AI has accelerated the development of phishing kits, allowing attackers to create and iterate on them faster than ever before. As a result, AI-enabled attacks are increasing and outpacing traditional defenses. Kits are being forked, modified, and brought to market at an unprecedented rate, with AI multiplying attackers' output.
One example is the rapid evolution of ClickFix, which has introduced new techniques such as InstallFix and ConsentFix. Device code phishing, which abuses legitimate OAuth flows to bypass MFA and passkeys, has also surged from a research curiosity to an industrialized phishing-as-a-service (PhaaS) offering, with over 18 kits being actively tracked in the wild.
Uncontrolled AI Adoption
On the employee side, the adoption of AI tools is outpacing governance. Employees are using AI tools on corporate devices, and 45% of employees are regular AI users, according to the 2026 Verizon DBIR. However, this adoption often happens without proper security oversight: 67% of employees use non-corporate accounts, and 38% of file uploads to AI tools come from personal shadow accounts.
This uncontrolled adoption of AI tools is creating significant security risks, including sensitive data being exfiltrated through clipboard pastes and file uploads to unapproved AI tools. AI browser extensions are also collecting browsing context from internal applications, creating a data exfiltration path that operates outside traditional DLP.
The Browser as the Front Line for AI Security
The browser has become the primary location for AI security threats, with both AI-enabled attacks and uncontrolled AI adoption converging there. It sees both sides of the problem and is the best single layer for gaining visibility and control over AI usage.
Combining browser-based security with platform-native controls can help enforce which AI tools employees can access and ensure they reach the corporate tenant rather than a personal account. This can also help prevent the kind of shadow AI use that can otherwise go undetected.
Evaluating Browser-Based Solutions
When evaluating browser-based solutions, there are several key questions to ask. These include whether the tool captures AI interactions that didn't trigger a policy violation, whether it captures the full OAuth consent flow when an AI agent requests access to organizational data, and how quickly the platform detects new attack techniques.
Additionally, it's essential to consider what telemetry reaches the SIEM and whether it's just alerts or the session data that makes them investigable. Some tools send alert metadata, while others forward broader telemetry, such as credential reuse, app logins, extension installs, phishing kit detections, file uploads, clipboard activity, and OAuth consents.
Push Security: A Browser-Based Threat Detection and Response Platform
Push Security is a browser-based threat detection and response platform that treats AI visibility and control as features that extend naturally from the platform's underlying architecture. With Push, organizations can detect and stop emerging browser-based attack techniques, including AI-enabled phishing and quickly evolving Fix-style attacks.
Push also streams telemetry to the SIEM for a wide variety of events, including attack detections, newly installed browser extensions or newly adopted apps, updates to extension permissions, file uploads and downloads, clipboard pastes, app logins, credential reuse, OAuth consents, and more. Additionally, Push allows organizations to block file uploads and downloads, block clipboard pastes of sensitive data, and write custom YAML rules targeting specific elements of the page DOM, web requests and responses, HTTP headers, and more.
Source: BleepingComputer