You’ve probably noticed that artificial intelligence, or AI, has been everywhere lately—news, phones, apps, even in your browser. It seems like everything suddenly wants to be “powered by AI.“ If it’s not, it’s considered old school and boring. It’s easy to get swept up in the promise: smarter tools, less work, and maybe even a glimpse of the future.

But if we look at some of the things we learned just this week, that glimpse doesn’t only promise good things. There’s a quieter story running alongside the hype that you won’t see in the commercials. It’s the story of how AI’s rapid development is leaving security and privacy struggling to catch up.

And if you make use of AI assistants, chatbots, or those “smart” AI browsers popping up on your screen, those stories are worth your attention.

Are they smarter than us?

Even some of the industry’s biggest names—Steve Wozniak, Sir Richard Branson, and Stuart Russel—are worried that progress in AI is moving too fast for its own good. In an article published by ZDNet, they talk about their fear of “superintelligence,” saying they’re afraid we’ll cross the line from “AI helps humans” to “AI acts beyond human control” before we’ve figured out how to keep it in check.

These scenarios are not about killer robots or takeovers like in the movies. They’re about much smaller, subtler problems that add up. For example, an AI system designed to make customer service more efficient might accidentally share private data because it wasn’t trained to understand what’s confidential. Or an AI tool designed to optimize web traffic might quietly break privacy laws it doesn’t comprehend.

At the scale we use AI—billions of interactions per day—these oversights become serious. The problem isn’t that AI is malicious; it’s that it doesn’t understand consequences, and developers forget to set boundaries.

We’re already struggling to build basic online safety into the AI tools that are replacing our everyday ones.

AI browsers: too smart, too soon

AI browsers—and their newer cousin, the ‘agentic’ browser—do more than just display websites. They can read them, summarize them, and even perform tasks for you.

A browser that can search, write, and even act on your behalf sounds great—but you may want to rethink that. According to research reported by Futurism, some of these tools are being rolled out with deeply worrying security flaws.

Here’s the issue: many AI browsers are just as vulnerable to prompt injection as AI chatbots. The difference is that if you give an AI browser a task, it runs off on its own and you have little control over what it reads or where it goes.

Take Comet, a browser developed by the company Perplexity. Researchers at Brave found that Comet’s “AI assistant” could be tricked into doing harmful things simple because it trusted what it saw online.

In one test, researchers showed the browser a seemingly innocent image. Hidden inside that image was a line of invisible text—something no human would see, but instructions meant only for the AI. The browser followed the hidden commands and ended up opening personal emails and visiting a malicious website.

In short, the AI couldn’t tell the difference between a user’s request and an attacker’s disguised instructions. That is a typical example of a prompt injection attack, which works a bit like phishing for machines. Instead of tricking a person into clicking a bad link, it tricks an AI browser into doing it for you. Without the realization of “oops, maybe I shouldn’t have done that,” it is faster, quiet, and with access you might not even realize it has.

The AI has no idea it did something wrong. It’s just following orders, doing exactly what it was programmed to do. It doesn’t know which instructions are bad because nobody taught it how to tell the difference.

Misery loves company: spoofed AI interfaces

Even if the AI engine itself worked perfectly, attackers have another way in: fake interfaces.

According to BleepingComputer, scammers are already creating spoofed AI sidebars that look identical to genuine ones from browsers like OpenAI’s Atlas and Perplexity’s Comet. These fake sidebars mimic the real interface, making them almost impossible to spot. Picture this: you open your browser, see what looks like your trusted AI helper, and ask it a question. But instead of the AI assistant helping you, it’s quietly recording every word you type.

Some of these fake sidebars even persuade users to “verify” credentials or “authorize” a quick fix. This is social engineering in a new disguise. The scammer doesn’t need to lure you away from the page, they just need to convince you that the AI you’re chatting with is legitimate. Once that trust is earned, the damage is done.

And since AI tools are designed to sound helpful, polite, and confident, most people will take their word for it. After all, if an AI browser says, “Don’t worry, this is safe to click,” who are you to argue?

What can we do?

The key problem right now is speed. We keep pushing the limits of what AI can do faster than we can make it safe. The next big problem will be the data these systems are trained on.

As long as we keep chasing the newest features, companies will keep pushing for more options and integrations—whether or not they’re ready. They’ll teach your fridge to track your diet if they think you’ll buy it.

As consumers, the best thing we can do is stay informed about new developments and the risks that come with them. Ask yourself: Do I really need this? What am I trusting it with? What’s the potential downside? Sometimes it’s worth doing things the slower, safer way.

Pro tip: I installed Malwarebytes’ Browser Guard on Comet, and it seems to be working fine so far. I’ll keep you posted on that.

We don’t just report on threats – we help safeguard your entire digital identity

Cybersecurity risks should never spread beyond a headline. Protect your—and your family’s—personal information by using identity protection.