SquareX, the pioneer in Browser Detection and Response (BDR), released a comprehensive recap of its Year of Browser Bugs (YOBB) project, a year-long commitment to research and expose critical architectural vulnerabilities in the browser.
Over the past decade, the browser has become the new endpoint—the primary gateway through which employees access SaaS apps, interact with sensitive data, and use the internet. The modern browser has also evolved significantly, with many capabilities that support complex web apps that parallel the performance of native apps. As with all new technologies, the very same features are also being used by malicious actors to exploit users, exploiting a massive security gap left by traditional solutions that primarily focus on endpoints and networks. Compounded with the release of AI Browsers, the browser has become the single most common initial access point for attackers. Yet, it remains to be poorly understood.
In the past 12 months, SquareX researchers released 11 research pieces, including major zero day vulnerabilities presented at DEF CON, BlackHat, RSA and BSides. These research pieces cover the gamut of browser-based threats, from polymorphic extensions, to Browser-Native Ransomware, to AI browser vulnerabilities.
“When we launched YOBB earlier this year, SquareX has been seeing a lot of browser native vulnerabilities that are being used to exploit enterprises and users,” said Vivek Ramachandran, Founder of SquareX. “These disclosures demonstrate that architectural limitations across browsers, extensions, and emerging AI technologies are putting organizations at risk in ways traditional security solutions simply cannot address. This demonstrates the importance of security teams to keep up with the modern way of working, whether it is securing AI or the browser itself.”
Critical Key Findings Recap
Browser Extension Vulnerabilities
SquareX exposed fundamental flaws in how browser extensions operate and are monitored. Browser Syncjacking (January) demonstrated that malicious extensions can fully take over user profiles, the browser and devices with minimal permissions. Polymorphic Extensions (February) revealed how attackers can perfectly mimic legitimate extensions like password managers and crypto wallets to steal credentials. The Architectural Limitations of Browser DevTools (July) research showed that there is little that end users can do to inspect extension behaviors in the browser, leaving security teams exposed to extension security risks.
AI Browser and Browser AI Agent Security
As AI-powered browsers gained enterprise adoption, SquareX continued to uncover critical vulnerabilities in AI Browsers. SquareX researchers revealed 79% of organizations deploy agentic workflows today. Unfortunately, Browser AI Agents (June), are trained to do tasks, not to be security aware, making them more vulnerable to attacks than human employees. Architectural Security Vulnerabilities of AI Browsers (September) exposed how attackers can exploit AI browsers to exfiltrate data, distribute malware and unauthorized access to users’ SaaS apps. The AI Browser Sidebar Spoofing Attack (October) demonstrated how malicious extensions can inject a pixel-perfect replication of AI sidebars, which provides false instructions that eventually lead to phishing, malicious file download and even device takeover. Most recently, SquareX researchers discovered a poorly documented MCP API in Comet (November) which allows its embedded extensions to execute arbitrary local commands, including known ransomware without explicit user permission.
Data Exfiltration and Identity Attacks
In August, SquareX made new research frontiers in browser-based data exfiltration and identity attacks at a DEF CON 33 talk titled Passkeys Pwned: Turning WebAuthn Against Itself, highlighting a passkey implementation flaw that allows unauthorized access to enterprise SaaS apps and resources via a malicious script/browser extension. At BSides SF 2025, our researchers also presented Data Splicing Attacks (April) — a set of data exfiltration techniques that bypass all Data Loss Protection (DLP) solutions listed by Gartner’s Magic Quadrant. Browser Native Ransomware (March) showed how ransomware attacks could be executed without any local files or process, by exploiting identity attacks in the browser, while the Fullscreen BitM Attack (May) demonstrated how a single click by the user, can trigger a full screen attacker-controlled browser window where victims unknowingly enter credentials while being fully monitored.
The complete Year of Browser Bugs report is a roundup of all the research that SquareX has conducted and is available for download here.
As the year comes to a close, SquareX’s commitment to browser security research intensifies and will not just stop here. SquareX is committed to continuously uncover emerging threats via its browser detection and response capabilities to help enterprises to stay ahead of attackers targeting the browser – the most exploited attack surface in modern enterprises.
Legal Disclaimer: The Editor provides this news content "as is," without any warranty of any kind. We disclaim all responsibility and liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. For any complaints or copyright concerns regarding this article, please contact the author mentioned above.
