LayerX Security’s research reveals that malicious or compromised browser extensions — even those without special permissions — can access and modify prompt input fields within AI tools rendered in web browsers, exploiting the DOM (Document Object Model) to conduct prompt injection attacks. This allows attackers to insert hidden instructions, intercept user queries, or extract sensitive information directly from the prompt.
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Prompt Injection in AI Browsers - Schneier on Security | 0 | 101 | November 11, 2025 | |
| Webinar: The "Agentic" Trojan Horse: Why the New AI Browsers War is a | 1 | 139 | December 2, 2025 | |
| Unseeable prompt injections in screenshots: more vulnerabilities in Comet and other AI browsers | 1 | 95 | October 27, 2025 | |
| Brave adds experimental agentic AI browsing feature | 16 | 532 | December 14, 2025 | |
| Exploiting the Complexity of Modern CSS for Email and Browser Fingerprinting | 1 | 81 | December 28, 2025 |
Massive organizations are monitoring your online activities. Privacy Guides is your central privacy and security resource to protect yourself online.
Privacy Guides is a non-profit, socially motivated website that provides information for protecting your data security and privacy.
We do not make money from recommending certain products, and we do not use affiliate links.