AI browsers are vulnerable to prompt injection attacks, which can lead to significant data exfiltration risks as these browsers gain more agentic capabilities. Researchers have demonstrated various methods of exploiting these vulnerabilities, highlighting the need for improved security measures while acknowledging that complete prevention may never be possible. As AI continues to integrate with sensitive data and act on users' behalf, the potential for malicious exploitation increases.