LayerX Security

We're headed to RSAC in SF, March 23–26 at Moscone Center. We’re meeting with security teams on securing AI interactions, prompts, uploads, and in-session actions. Plus our session: “From Prompt to Pwn” talk, Thu Mar 26, 12:20 PM PT (HT-R05). Book time: layerxsecurity.com/meet-layerx-at…

🔎 New @BleepinComputer coverage of our Poisoned Typeface research. Malicious commands can sit in the rendering layer while the HTML still looks harmless, so the user and the assistant are not reading the same page. All but one vendor said - out of scope. bleepingcomputer.com/news/security/…

New LayerX research shows AI assistants can call a malicious page safe because they read the DOM, not what the user sees. Text-only parsers miss instructions hidden in the rendering layer. AI should not be your web safety validator. layerxsecurity.com/blog/poisoned-…

Gartner suggested banning AI browsers. You don’t remove GenAI risk, you remove visibility. 🔍 Or Eshed in Dark Reading: why bans backfire and what controlled enablement looks like in-session. darkreading.com/cyber-risk/spe…

New research: Zero-permission extensions can hijack downloads by appending code to an installer. The download looks normal and runs normally, then the payload executes on the host. No warnings, no extra permissions, proxy tools miss it. PoC: layerxsecurity.com/blog/any-exten…

AI governance is getting budget, but many teams still don’t know what to ask for. @TheHackersNews covered our AI Usage Control RFP Guide: score vendors on incognito, AI browsers and agents, and corporate vs personal identities in-session. thehackernews.com/2026/03/new-rf…

The next chapter for LayerX begins today. We’re announcing the appointment of Rupal Hollenbeck as Chair of the Board of Directors. She joins LayerX at a pivotal moment as AI transforms industries in unprecedented ways. Read the full announcement: globenewswire.com/news-release/2…

Shadow AI is getting loud 🤖 Shadow AI isn’t just new tools. It’s personal AI accounts + connectors pulling data from O365/Workspace into a tenant you can’t control. Identity ≠ governance. If you can’t see it in-session (browser), you can’t govern it.

Gartner launched a new AI Usage Control category. LayerX is currently #1 on the list 🏆⭐ If you run AI governance, the shift is clear: stop debating “allow AI” and start controlling it in-session, especially across GenAI tools and the browser. Reviews: gartner.com/reviews/produc…

Agentic Browser Protection is live. AI browsers now act, not just assist. See LayerX govern agentic actions and the AI sidebar without blocking AI browsers. Webinar Mar 10 + Mar 12. Register: layerx.easywebinar.live/layerx-launche…

NEW: LayerX launches Agentic Browser Protection, the first dedicated solution for agentic AI browsers. 🤖 When the browser acts, it can paste sensitive data. LayerX adds governance for agentic actions, plus prompt injection defense. layerxsecurity.com/blog/layerx-an…

AI governance breaks fast: 🔎 you lose visibility into where business data goes, 📜 compliance shows up after the data is out, and ⚖️ the business keeps pushing for productivity. @OrEshed on why this is the CISO leadership test.

LayerX found 30 fake “AI assistant” Chrome extensions tied to tapnetic[.]pro, 300K+ users. Full-screen remote iframe UI lets operators change logic post-install. Gmail cluster runs at document_start, reads threads via .textContent. @BleepingComputer: bleepingcomputer.com/news/security/…

Our new research will give you a hunt list of 30 fake “AI assistant” extensions tied to tapnetic[.]pro, already affecting 300,000+ users, used to steal credentials and email content 😲. @BleepingComputer - several were Featured in the Chrome store: bleepingcomputer.com/news/security/…

OpenClaw (ex Clawdbot/Moltbot) went viral: 182k @GitHub ⭐ + 2M visits/week 🌐. It installs via @GoogleChrome Dev Mode (load unpacked) 🧩, so IDs aren’t stable. With LayerX, 🛑 block Dev-mode add-ons by regex on name/description: clawdbot|moltbot|openclaw. linkedin.com/posts/layerx-s…

@CSOonline covered our finding on Claude Desktop Extensions, DXT - runs unsandboxed with full system privileges. A Google Calendar invite gets chained into a local executor without consulting the user. 10,000+ active users. 50 DXT extensions. 🔗 Coverage. csoonline.com/article/412982…

@CSOonline covered our finding on Claude Desktop Extensions, DXT - runs unsandboxed with full system privileges. A Google Calendar invite gets chained into a local executor without consulting the user. 10,000+ active users. 50 DXT extensions. 🔗 Coverage. csoonline.com/article/412982…

GenAI is in tabs and tools. Ask for an AI inventory and you get 🦗. THN covered the AI Usage Control guide: it’s an interaction problem. Govern prompts, uploads, identities, and agent actions in-session. thehackernews.com/2026/02/the-bu…

“Is that a new AI browser? You know that’s a security risk, right?" "Nah, what could possibly go wrong?” Well, AI browsers change... EVERYTHING (for the better or worse). Want to see exactly what happens? This guy went down that rabbit hole. 📹👇

@SCMagazine covered LayerX research: 16 "ChatGPT mods" extensions steal @OpenAI ChatGPT session tokens. No ChatGPT bug. In-session token theft via a fetch hook. Browser security = GenAI security. Inventory AI extensions, then add guardrails. 🔎 scworld.com/news/researche…