PCMag editors select and review products independently. If you buy through affiliate links, we may earn commissions, which help support our testing.

PCMag UK

Security Experts Warn Companies to 'Block All AI Browsers Now'

AI browsers are 'too risky for general adoption by most organizations,' according to research firm Gartner, a sentiment echoed by the UK’s National Cyber Security Centre.

Michael Kan
 & Michael Kan Principal Reporter

Our team tests, rates, and reviews more than 1,500 products each year to help you make better buying decisions and get more from technology.

Our Expert
LOOK INSIDE PC LABS HOW WE TEST
65 EXPERTS
43 YEARS
41,500+ REVIEWS
(Credit: S and V Design/Getty Images)

The cybersecurity pushback against AI-powered browsers is escalating, with research giant Gartner and a UK government agency flagging them as potential threats.

"Cybersecurity must block AI browsers now," Gartner writes in a new report published last week. “AI browsers are nascent and innovative, yet too risky for general adoption by most organizations."

Gartner is sounding the alarms as more tech companies are starting to offer AI browsers that promise to streamline the web-surfing experience. The programs let you outsource and automate tasks, such as online searches or writing an email, to an AI agent. The only problem is that these same AI capabilities can be tricked into executing malicious commands hidden in websites or emails, effectively turning the browser against the user.

The security community refers to this threat as "prompt injection attacks," which exploit the fact that AI chatbots can’t always distinguish between a user's request and a malicious one. Gartner calls out Perplexity’s Comet and OpenAI's Atlas as browsers that companies should be careful with since they can automate various functions.  

Recommended by Our Editors

Google's Agentic AI Tool Gemini Spark Is Now Available
Google's Agentic AI Tool Gemini Spark Is Now Available
The Best AI Note-Taking Apps for 2026
The Best AI Note-Taking Apps for 2026
Claude Says It Cares About Privacy, But I Still Suggest Checking These 6 Settings
Claude Says It Cares About Privacy, But I Still Suggest Checking These 6 Settings

Gartner goes as far as to advise that all chief information security officers (CISOs) “block all AI browsers in the foreseeable future to minimize risk exposure,” adding that the default settings “are optimized for end-user experience rather than cybersecurity best practices or privacy.”

On Monday, the UK’s National Cyber Security Centre also warned, “There's a good chance prompt injection will never be properly mitigated” in the same way as SQL injection flaws, which can result from improper computer coding. “The best we can hope for is reducing the likelihood or impact of attacks,” the agency wrote on Monday.

However, the public can expect pushback from the tech industry, including Microsoft, OpenAI, and Perplexity, which have all been developing safeguards to counter prompt injection attacks. This includes assuming all content read from the web is untrusted and requires user permission before executing more sensitive commands. On Monday, Google announced its own effort to prevent such attacks in Chrome, which taps the Gemini chatbot for its AI capabilities.

In our own testing, we’ve found AI browsers to be underwhelming, with poor performance. So, users should be well aware of the limitations, including the privacy and security compromises.

About Our Expert

Michael Kan

Michael Kan

Principal Reporter

My Experience

I've been a journalist for over 15 years. I got my start as a schools and cities reporter in Kansas City and joined PCMag in 2017, where I cover satellite internet services, cybersecurity, PC hardware, and more. I'm currently based in San Francisco, but previously spent over five years in China, covering the country's technology sector.

Since 2020, I've covered the launch and explosive growth of SpaceX's Starlink satellite internet service, writing 600+ stories on availability and feature launches, but also the regulatory battles over the expansion of satellite constellations, fights with rival providers like AST SpaceMobile and Amazon, and the effort to expand into satellite-based mobile service. I've combed through FCC filings for the latest news and driven to remote corners of California to test Starlink's cellular service.

I also cover cyber threats, from ransomware gangs to the emergence of AI-based malware. In 2024 and 2025, the FTC forced Avast to pay consumers $16.5 million for secretly harvesting and selling their personal information to third-party clients, as revealed in my joint investigation with Motherboard.

I also cover the PC graphics card market. Pandemic-era shortages led me to camp out in front of a Best Buy to get an RTX 3000. I'm now following how the AI-driven memory shortage is impacting the entire consumer electronics market. I'm always eager to learn more, so please jump in the comments with feedback and send me tips.

The Best Tech I've Had:

  • My first video game console: a Nintendo Famicom
  • I loved my Sega Saturn despite PlayStation's popularity.
  • The iPod Video I received as a gift in college
  • Xbox 360 FTW
  • The Galaxy Nexus was the first smartphone I was proud to own.
  • The PC desktop I built in 2013, which still works to this day.

Read the latest from Michael Kan

Read full bio