
New artificial intelligence-powered web browsers aim to change how we browse the web. Traditional browsers like Chrome or Safari display web pages and rely on users to click links, fill out forms and search for information. AI-powered browsers promise to take that work off your hands.
These tools, such as Perplexity’s Comet or ChatGPT’s Atlas, go beyond search: they can summarize articles, plan trips, fill out forms, or even order groceries on your behalf. In short, they’re designed to act as autonomous agents, navigating the web and performing actions for you — not just showing you results.
But when you hand off tasks to an AI browser, it could open the door to vulnerabilities. These browsers can be tricked by hidden commands or malicious prompts disguised within web content — a type of cyberattack known as “prompt injection.”
Let’s break down what prompt injection is, why it poses serious risks to your privacy and finances, and what you can do to protect yourself before becoming a digital guinea pig.
Prompt injection can lead to real issues
AI browsers may sound like the next big step in online convenience. After all, who wouldn’t want a digital assistant that can click links, make reservations, and organize your emails automatically? But when you trust an agentic AI browser to act on your behalf, you’re also giving it permission to interact directly with websites — and that’s where things can go wrong.
Security researchers have found that these browsers can be tricked into following hidden instructions embedded in web pages, ads, or even images. In what’s known as a prompt injection, hackers disguise malicious instructions as regular content. Once the AI reads that content, it can be manipulated into ignoring safety rules and carrying out harmful actions. (1)
According to a report by Brave, a secure browser company, “indirect prompt injection is not an isolated issue, but a systemic challenge facing the entire category of AI-powered browsers.” (2)
Cybersecurity experts recently told TechCrunch that AI browsers represent more risk than traditional browsers. (3) Before giving an AI browser too much access, experts recommend you weigh the proposed benefits against the potential risks. For example, allowing an AI browser like Comet or ChatGPT Atlas to organize your email account could give it more access to your personal details than you had in mind.
If your AI browser goes rogue at the direction of hackers, you could see your financial accounts drained or personal details plastered around the internet. It’s easy to see how a rash of hijacked AI browsers could become a criminal’s biggest tool.
Internet-related crimes already generated $16 billion in losses in 2024, a 33% increase over 2023, according to the FBI. (4) With hackers taking advantage of this new technology, we may see internet-related crimes generate even more losses in the coming years.
How to protect yourself
If you’re intrigued by the promise of AI browsers but uneasy about their risks, you’re not alone. There may not be a foolproof way to stay completely safe when using these tools — at least not yet. Even experts admit that prompt injection is an industry-wide problem that developers are still trying to solve.
Dane Stuckey, OpenAI’s chief information security officer, recently wrote in an X post that “Prompt injection remains a frontier, unsolved security problem, and our adversaries will spend significant time and resources to find ways to make ChatGPT agent fall for these attacks.” (5)
The post went on to note that ChatGPT is working hard to solve the problem by investing in security, privacy and safety infrastructure. But, for the foreseeable future, using an AI browser, like ChatGPT’s Atlas, will carry some risks.
Still, there are ways to reduce your exposure:
- Limit what data your AI browser can access. Review your privacy and sharing settings, and avoid giving it permission to read your emails or manage sensitive accounts.
- Be selective about what you ask it to do. The more tasks you hand over, the greater the chance it could encounter malicious instructions hidden online. (6)
- Protect your accounts the traditional way. Use strong, unique passwords, enable multi-factor authentication, and keep your operating system and browser extensions up to date. (7)
- Consider separating your AI use. J.P. Morgan’s cybersecurity team suggests using a dedicated email account — or even a separate device — for AI experiments so your banking, healthcare, or legal information stays isolated. (8)
For now, it may be best to treat AI browsers as experimental rather than essential. If you’re concerned about privacy or financial safety, you might want to wait until the technology matures and security standards improve. Let early adopters test the limits — and avoid being a digital guinea pig yourself.
Article sources
We rely only on vetted sources and credible third-party reporting. For details, see our editorial ethics and guidelines.
Brave (1), (2); TechCrunch (3); FBI (4); @cryps1s (5); CISA (6), (7); J.P. Morgan (8)
This article originally appeared on Moneywise.com under the title: New AI browsers boast hands-free browsing — but are vulnerable to dangerous ‘prompt injections.’ Here’s how to stay safe