{"data":{"id":"b061fa88-4334-4c90-9a52-304de1e1b8e5","title":"Lack of isolation in agentic browsers resurfaces old vulnerabilities","summary":"Agentic browsers (web browsers with embedded AI agents) lack proper isolation mechanisms, allowing attackers to exploit them in ways similar to cross-site scripting (XSS, where attacker-controlled code runs in the context of websites you visit) and cross-site request forgery (CSRF, where attackers trick your browser into making unwanted requests). Because AI agents have access to the same sensitive data that users trust browsers with, like bank accounts and passwords, inadequate isolation between the AI agent and websites reintroduces old security vulnerabilities that the web community thought it had solved decades ago.","solution":"The key recommendation for developers of agentic browsers is to extend the Same-Origin Policy (a security rule that keeps different websites' data separate in browsers) to AI agents, building on proven principles that successfully secured the web.","labels":["security","safety"],"sourceUrl":"https://blog.trailofbits.com/2026/01/13/lack-of-isolation-in-agentic-browsers-resurfaces-old-vulnerabilities/","publishedAt":"2026-01-13T12:00:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["prompt_injection","data_extraction"],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":[],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}