Interesting new research from Brave on AI browser vulnerabilities to prompt injection content occluded in images. Clearly, Brave have interest in shifting the Agentic Browser discussion to security and privacy, since the emphasise those capabilities, but he attacks themselves are of interest in any case. At a time when OpenAI have introduced these capabilities in their own new browser, we can expect more of this to come. But browsers remain an enormous attack surface that most organisations don't have under control, even before you put an AI in the pilot seat. Personally, I don't feel we are ready for this yet, and we'll see more of these attacks to come.
Unseeable prompt injections in screenshots: more vulnerabilities in Comet and other AI browsers | Brave
