Summary: The recent State of Browser Security report by Keep Aware emphasizes the growing risks associated with browser usage as the main endpoint in enterprises, highlighting how traditional security measures are inadequate against modern threats like phishing and data breaches. With the rise of generative AI and the continuing negligence of security tools towards browser environments, organizations face significant challenges in monitoring and controlling data flow. The report calls for enhanced browser security practices to safeguard organizational data and mitigate potential risks.
Affected: Organizations utilizing SaaS and cloud services
Keypoints :
- Over 70% of modern malware attacks occur through web browsers, which remain largely unmonitored.
- 70% of phishing campaigns spoof trusted platforms like Microsoft and OneDrive, exploiting user trust.
- AI tools lack defined security boundaries, leading to risks of sensitive data leakage with 75% employee usage.
- Legacy Data Loss Prevention systems fall short as the primary channel for data movement has shifted to browsers.
- Browser extensions, often overlooked, can pose significant security risks by allowing excessive permissions and access.
- Shadow IT has escalated, with employees frequently using unauthorized applications, creating critical security gaps.
- Organizations must adopt dynamic risk assessments and integrate browser security into their security stacks for better visibility and control.
Source: https://thehackernews.com/2025/04/5-major-concerns-with-employees-using.html