The landscape of enterprise security is undergoing a seismic shift. A groundbreaking new analysis, the Browser Security Report 2025, reveals that the user’s browser has emerged as the central nexus for the most critical identity, SaaS, and AI-related risks. However, traditional security controls like Data Loss Prevention (DLP), Endpoint Detection and Response (EDR), and Security Service Edge (SSE) are now operating too low in the security stack to effectively address these evolving threats.
This convergence presents not merely a strategic blind spot but a parallel threat surface. Unmanaged browser extensions function as insidious supply chain implants, employees access powerful Generative AI tools through personal accounts, sensitive data is carelessly copied and pasted directly into prompt fields, and entire user sessions now bypass Single Sign-On (SSO) mechanisms. The report underscores a critical need for a new paradigm in browser security to combat these emerging challenges.
GenAI Emerges as the Foremost Data Exfiltration Channel
The rapid integration of Generative AI into enterprise workflows has inadvertently created a significant governance gap. Data from the Browser Security Report 2025 indicates that nearly half of all employees are utilizing GenAI tools, with a substantial majority doing so via unmanaged accounts that elude IT oversight. This lack of visibility is directly contributing to unprecedented data exfiltration risks.
The report’s findings highlight the alarming extent of this trend: 77% of employees admit to pasting data into GenAI prompts, and a staggering 82% of these pastes originate from personal accounts. Furthermore, 40% of files uploaded to these platforms contain Personally Identifiable Information (PII) or Payment Card Industry (PCI) data. Crucially, GenAI now accounts for 32% of all corporate-to-personal data movement, a figure that underscores its new status as a primary data exfiltration channel.
Legacy DLP tools, designed for structured file transfers, were never equipped to handle the fluid, context-dependent nature of browser-based data movement. The browser has swiftly become the dominant, unmonitored, and policy-free conduit for sensitive information leakage through copy-and-paste actions.
AI Browsers Introduce a Novel Threat Surface
Beyond GenAI applications, an entirely new category of browser-based threat has emerged: “agentic” AI browsers. These innovative tools, such as OpenAI’s Atlas, Arc Search, and Perplexity Browser, are fundamentally altering the web interaction experience by seamlessly integrating search, chat, and browsing. By embedding large language models directly into the browsing layer, these AI browsers possess the ability to read, summarize, and analyze content across any page or tab in real-time.
While these advancements offer significant productivity gains for users by providing contextual assistance, they introduce a compelling and largely unmonitored attack surface for enterprises. This “always-on co-pilot” passively observes and processes everything an employee can see within the browser, operating without policy enforcement or visibility into data being shared with third-party AI models. The risks are substantial, encompassing session memory leakage that can expose sensitive data through AI-driven personalization, invisible “auto-prompting” that transmits page content to external models without user consent, and shared cookies that blur identity boundaries, potentially leading to account hijacks. Without robust enterprise-grade guardrails, these AI browsers effectively circumvent traditional security measures like DLP, SSE, and other browser security tools, creating an invisible, file-less pathway for data exfiltration.
Browser Extensions: The Ubiquitous, Ungoverned Supply Chain
The Browser Security Report 2025 also casts a harsh light on the pervasive threat posed by browser extensions. The statistics are stark: 99% of enterprise users have at least one extension installed, with over half granting high or critical permissions. Alarmingly, many of these extensions are either sideloaded by users or published by individuals using generic Gmail accounts, entirely bypassing any form of verification, update, or accountability. The telemetry data reveals that 26% of extensions are sideloaded, 54% are published by Gmail accounts, and a significant 51% have not been updated in over a year. Compounding this risk, 6% of GenAI-related extensions have been classified as malicious.
This situation transforms browser extensions from mere productivity tools into an unmanaged software supply chain deeply embedded within every employee endpoint. The implications for enterprise security are profound, as compromised extensions can introduce malware, steal credentials, or facilitate data exfiltration without users even realizing it.
Identity Governance Falters at the Browser Edge
A critical finding from the report is that traditional identity governance strategies often end abruptly at the Identity Provider (IdP), leaving a significant risk gap in the browser. Over two-thirds of corporate logins now occur outside of SSO, and nearly half of all SaaS logins utilize personal accounts. This makes it virtually impossible for security teams to maintain an accurate inventory of who is accessing what resources, or from where those access attempts are originating.
The breakdown is concerning: 68% of corporate logins bypass SSO, 43% of SaaS logins use personal accounts, and 26% of users admit to reusing passwords across multiple accounts. Furthermore, 8% of browser extensions actively access user identities or cookies, creating direct pathways for compromised credentials. This shift in attack vectors was starkly demonstrated in incidents like those attributed to Scattered Spider, where browser session tokens, rather than traditional passwords, became the primary target for malicious actors.
SaaS and Messaging Apps Enable Silent Data Exfiltration
The nature of enterprise workflows has evolved, with activities that once relied on structured file uploads now frequently occurring through browser-based pasting, GenAI prompting, and third-party plugin integrations. The Browser Security Report 2025 indicates that the majority of this sensitive data movement now happens directly within the browser layer, rather than through the sanctioned applications themselves.
Observed behaviors include 62% of pastes into messaging applications containing PII or PCI data, with 87% of this occurring via non-corporate accounts. On average, employees are pasting approximately four sensitive snippets per day into non-corporate tools. Incidents such as the Rippling/Deel leak exemplify this trend, where the breach originated not from malware or sophisticated phishing attacks, but from unmonitored chat applications operating within the browser.
The Limitations of Traditional Security Tools
The core issue highlighted by the report is that traditional security tools are fundamentally ill-equipped to address the threats emerging at the browser session level. EDR focuses on endpoint processes, SSE analyzes network traffic, and DLP scans files. None of these solutions, however, possess the capability to inspect the intricacies of what is happening within an active browser session—such as which SaaS tab is open, what specific data is being pasted, or which extension is injecting malicious scripts. Consequently, security teams are left blind to critical activities like shadow AI usage and prompt inputs, unpredictable extension behavior and code changes, cross-overs between personal and corporate accounts, and sophisticated session hijacking or cookie theft attempts.
Session-Native Controls: The Next Frontier in Browser Security
To effectively reassert control over the enterprise security perimeter, organizations must adopt a new approach centered on browser-native visibility and capabilities. This involves implementing controls that operate at the session level without compromising user experience. Key functionalities include the ability to monitor copy-and-paste actions and uploads across all applications, detect unmanaged GenAI tools and extensions, enforce session isolation and universal SSO, and apply DLP policies to non-file-based interactions.
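One way to apply a DLP policy to a paste rather than a file, shown as an added example that is not taken from the report or from any product. The function names, the card-number pattern and the sample strings are assumptions constructed here, and the listener assumes it runs in a managed content script.

```javascript
// Added example: classify pasted text for payment-card data (PCI) before it
// reaches a prompt or chat field. All names and samples are constructed.

// Luhn checksum: filters out digit runs that only look like card numbers.
function luhnValid(digits) {
  let sum = 0;
  for (let i = 0; i < digits.length; i++) {
    let d = digits.charCodeAt(digits.length - 1 - i) - 48;
    if (i % 2 === 1) { d *= 2; if (d > 9) d -= 9; }
    sum += d;
  }
  return sum % 10 === 0;
}

// Find 13-19 digit sequences (single spaces or dashes allowed) that pass Luhn.
function findCardNumbers(text) {
  const hits = [];
  const re = /\b\d(?:[ -]?\d){12,18}\b/g;
  for (const m of text.matchAll(re)) {
    const digits = m[0].replace(/[ -]/g, "");
    if (luhnValid(digits)) hits.push(digits);
  }
  return hits;
}

// Policy decision for one paste: block on card data and report only a masked
// form, so the monitoring log does not itself store the full number.
function evaluatePaste(text) {
  const cards = findCardNumbers(text);
  return {
    action: cards.length ? "block" : "allow",
    findings: cards.map((c) => "*".repeat(c.length - 4) + c.slice(-4)),
  };
}

// In a browser context, enforce at paste time (capture phase, before the page's handlers).
if (typeof document !== "undefined") {
  document.addEventListener("paste", (ev) => {
    const text = ev.clipboardData ? ev.clipboardData.getData("text/plain") : "";
    if (evaluatePaste(text).action === "block") ev.preventDefault();
  }, true);
}
```

The Luhn step is what keeps order numbers and timestamps from triggering the block; a production policy would add detectors for the PII types it cares about and scope enforcement to non-corporate destinations.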
A modern browser security platform, as detailed in the full Browser Security Report 2025, can provide these essential controls without forcing users onto entirely new browsers. The report signifies a crucial moment for security leaders to re-evaluate their strategies and invest in solutions that address the realities of today’s compromised browsing environment.
The Browser Security Report 2025 offers a comprehensive, data-driven perspective on how the browser has quietly escalated to become the most critical and vulnerable endpoint within the enterprise. Drawing insights from millions of real-world browser sessions, it meticulously maps the failures of current security controls and pinpoints the genesis of modern data breaches. Security leaders are now faced with the imperative to understand these blind spots and adapt their defenses accordingly.

