RESEARCHERS from cybersecurity firm LayerX have alerted that multiple agentic browsers can be exploited to bypass security measures and execute harmful actions. They conducted an experiment using a puzzle inspired by the BioShock game, leading to a threat known as 'BioShocking.'
The tested browsers (ChatGPT Atlas, Comet, Fellou, Genspark Browser, Sigma Browser, and Claude Chrome) learned incorrect moves were necessary to progress, resulting in actions like retrieving sensitive SSH login credentials under the guise of winning a game. LayerX suggests that vendors enhance security by requesting confirmations for sensitive actions and suggests users manage browser access properly. They reported findings to browser vendors, with mixed responses.