Employees log into SaaS platforms, upload files, use AI tools, and manage customer data from a single tab. While the browser has become the enterprise’s main workspace, it remains largely outside the reach of security controls. According to the 2025 Browser Security Report by LayerX, that blind spot has turned into a major risk surface for data loss, identity theft, and AI misuse.

How AI browsers leak enterprise data (Source: LayerX)
AI is the fastest-growing and least-governed channel
Nearly half of employees now rely on generative AI tools, with ChatGPT dominating enterprise use. AI platforms already account for about 11% of total SaaS activity, placing them just behind email and productivity apps.
Most AI sessions happen outside enterprise oversight, either through personal accounts or corporate ones without single sign-on. Security teams often have no visibility into what employees paste or upload. Copy and paste, not file transfer, has become the main way sensitive data leaves the enterprise. Employees regularly move customer or payment information into AI prompts, often through unmanaged browsers or personal accounts.
Tools like Arc Search, Brave AI, and Copilot-mode Edge integrate language models directly into browsing. These tools read and summarize web pages automatically, sometimes capturing session data and cookies in the process. Because they function like normal browsers, they usually operate without enterprise monitoring, giving them access to sensitive content, credentials, and SaaS tabs.
Browser extensions as a supply chain in disguise
Browser extensions, once simple productivity aids, now make up one of the largest unmanaged software ecosystems in enterprises. Almost every user has at least one installed, and more than half of those extensions hold permissions that allow access to cookies, session data, and page content.
Many come from unknown developers, use free email accounts for registration, or have gone unpatched for months. A large share are sideloaded from outside official stores. Together, these trends have created an unmonitored software supply chain running inside every browser session.
AI extensions often request high privileges to interact with SaaS data, bypassing network-level controls. A case in late 2024 illustrated the risk when attackers compromised a legitimate Chrome extension through a stolen developer account. The malicious update spread automatically to hundreds of thousands of users before detection, exposing session data and cookies. The event showed how a trusted extension can quickly become a vector for data theft.
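One way to inventory the permissions described above is to audit each installed extension's manifest.json. The script below is an added example, not code from the LayerX report; the finding labels, the sample manifests, and the rule that any update URL other than the Chrome Web Store endpoint means "installed outside the store" are assumptions of this example.

```python
# Chrome permission names that expose cookies, identity tokens or page content.
SENSITIVE_APIS = {"cookies", "identity", "scripting", "webRequest", "debugger"}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}
# Assumption of this example: a manifest whose update_url is not the Chrome Web
# Store endpoint is treated as installed from outside the store.
STORE_UPDATE_URL = "https://clients2.google.com/service/update2/crx"


def audit_manifest(manifest: dict) -> list:
    """Return findings for one parsed manifest.json (Manifest V2 or V3)."""
    perms = set(manifest.get("permissions", [])) | set(manifest.get("optional_permissions", []))
    # MV3 lists hosts separately; MV2 mixes host patterns into "permissions".
    hosts = set(manifest.get("host_permissions", [])) | {
        p for p in perms if "://" in p or p == "<all_urls>"}
    script_hosts = {m for cs in manifest.get("content_scripts", [])
                    for m in cs.get("matches", [])}

    findings = [f"sensitive-api:{api}" for api in sorted(perms & SENSITIVE_APIS)]
    if hosts & BROAD_HOSTS:
        findings.append("broad-host-access")
    if script_hosts & BROAD_HOSTS:
        findings.append("content-script-on-all-sites")
    if "cookies" in perms and hosts & BROAD_HOSTS:
        findings.append("cookies-readable-on-any-site")
    if manifest.get("update_url") != STORE_UPDATE_URL:
        findings.append("not-from-web-store")
    return findings


# Constructed sample manifests (not real extensions).
SAMPLE_AI_HELPER = {
    "manifest_version": 3, "name": "Example AI Helper", "version": "1.0",
    "permissions": ["cookies", "scripting", "storage"],
    "host_permissions": ["<all_urls>"],
    "content_scripts": [{"matches": ["<all_urls>"], "js": ["content.js"]}],
}
SAMPLE_NOTES = {
    "manifest_version": 3, "name": "Example Notes", "version": "2.1",
    "permissions": ["storage"], "update_url": STORE_UPDATE_URL,
}

if __name__ == "__main__":
    for m in (SAMPLE_AI_HELPER, SAMPLE_NOTES):
        print(m["name"], audit_manifest(m) or "no findings")
```

The findings are a triage signal for review, not a verdict: a legitimate extension can hold the same permissions, which is why a compromised update to a trusted extension is dangerous.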
Identity risk begins inside the browser
The report found that enterprise logins bypass single sign-on, and employees access work apps with personal credentials. Even core systems such as ERP and CRM often run outside centralized identity controls.
Password hygiene remains weak, with corporate accounts still using medium-strength or reused passwords. Combined with non-SSO logins, these practices make credential stuffing and session hijacking easier.
Some extensions have access to identity APIs and cookies, which can be used to harvest credentials or hijack sessions. Once attackers obtain a live browser token, they can move through SaaS environments without triggering MFA. Identity exploits now focus less on stolen passwords and more on stolen sessions that happen entirely inside the browser.
SaaS workflows expand the attack surface
The browser has become the primary point of interaction with SaaS, but visibility into data movement between these tools continues to fade. Employees routinely upload and share large volumes of data through storage, collaboration, and AI applications. Much of that information includes personal or financial details, often sent from unmanaged accounts.
Instant messaging and collaboration platforms have emerged as another weak point. Many leaks result not from hacking but from third-party integrations connected to these tools. Some store or transmit chat data to external servers for analytics or AI training, exposing business conversations without user awareness. This pattern of “shadow automation” shows how data can leave the enterprise through everyday workflows.
