A new attack technique called BioShocking convinces AI browsers they are playing a game — then walks off with your passwords.
LayerX security researchers tested the method against six AI browsers and succeeded every time. The attack works by framing a malicious interaction as gameplay, which gets the agent to treat credential disclosure as a valid move rather than a threat. Every browser on what LayerX calls "a roll-call of the new AI browser market" failed the test.
The finding matters because AI browsers are being sold partly on their ability to act autonomously on your behalf — filling forms, logging into sites, managing sessions. That capability is exactly what BioShocking exploits. An agent that can authenticate for you is an agent that can be tricked into authenticating for someone else.
AI browsers are still early enough that basic adversarial testing is exposing fundamental design gaps. The classic browser never handed over your stored credentials mid-session because it was never asked nicely enough — the AI browser, apparently, can be.