Image credit: Zapier
Browser-based malware became the leading attack vector in 2024, accounting for 70% of observed malware incidents, according to Keep Aware’s State of Browser Security 2025 report.
The shift marks a significant change from email-delivered threats, now reduced to just 15%.
As cloud services and SaaS tools dominate workplace productivity, browsers have become prime targets for sophisticated cyber threats, bypassing legacy tools like firewalls and endpoint detection systems.
The modern enterprise browser has evolved into the primary workspace, yet security strategies lag behind. Traditional tools lack visibility into dynamic web content and user behaviour within the browser, leaving organizations vulnerable to phishing, malware, and data exfiltration.
The blind spot compromises data integrity and increases compliance risks.
The Big Picture:
- 70% of malware now enters through the browser.
- 34% of uploads on managed devices go to personal accounts.
- Over 1,400 ChatGPT-based extensions exist in the Chrome Web Store.
- 10% of AI prompts involve sensitive business data.
- 10% of browser extensions carry high or critical risk due to permissions abuse.
Keep Aware’s findings highlight a range of stealth techniques attackers now deploy:
- Malware Reassembly: Fragments of code assemble and activate inside browsers.
- Multi-Step Phishing: Dynamic gates and cloaking tactics evade detection.
- Living Off Trusted Sites: Attackers exploit platforms like Google Docs and Dropbox for malware delivery.
- Shadow IT Proliferation: Personal AI tools and unsanctioned SaaS apps introduce unmanaged risks.
What They’re Saying
Ryan Boerner, CEO of Keep Aware, wrote in the report:
“Security tools evolved outside the browser, but work—and the risks—have moved inside it.”
“Ironically, security tools were built around the browser with the assumption that these platforms were inherently known good. Today, that trust is being weaponized.”
What’s Next?
- Browser Detection and Response (BDR) must become as essential as EDR.
- Enterprises are expected to triple their use of managed browsers or secure extensions by 2026.
- Regulatory pressure will soon mandate AI governance and browser-layer visibility.
The Bottom Line
Relying on outdated perimeter-based security exposes organizations to modern browser threats. Real-time monitoring and browser-native controls are essential for safeguarding data where today’s work actually happens.
About Author
