{"data":{"id":"3553e36f-79ff-4191-9aab-95bb86d1e421","title":"What 2026 DBIR Confirms: Attacks Are Living in the Browser","summary":"The 2026 Verizon Data Breach Investigations Report reveals that attackers are increasingly operating through web browsers, where traditional security tools fail to detect them. Key risks include shadow AI (unauthorized use of services like ChatGPT with corporate data), credential theft in browsers (which accounts for 41% of browser-based attacks but goes undetected by network and endpoint security tools), and malicious browser extensions (13% classified as high or critical risk, often disguised as 'productivity' tools). The report shows that browser-layer attacks are largely invisible to conventional defenses like network proxies and DNS filters, creating a significant detection gap in enterprise security.","solution":"N/A -- no mitigation discussed in source.","labels":["security","safety"],"sourceUrl":"https://www.bleepingcomputer.com/news/security/what-2026-dbir-confirms-attacks-are-living-in-the-browser/","publishedAt":"2026-06-05T14:00:10.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["prompt_injection","data_extraction","supply_chain"],"issueType":"news","affectedPackages":null,"affectedVendors":["OpenAI"],"affectedVendorsRaw":["ChatGPT","Microsoft","Keep Aware"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-05T14:00:10.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.75,"researchCategory":null,"atlasIds":null}}