Glossary topic

Agent-targeted attack surface: injection, phishing and browser exploitation

These attacks exploit the fact that AI agents browse, click, and act on behalf of users: attackers bypass browser isolation controls (same-origin policy), trick agents into harmful actions via fake prompts or lures (agent-phishing), or impersonate trusted AI brands to steal credentials (AI brand spoofing). Together they show how social-engineering and web-security weaknesses are being repurposed to manipulate autonomous agents rather than humans.