New research from browser security firm Menlo Security reveals an alarming rise in unsanctioned generative AI (GenAI) use across enterprises, with growing concerns over data leakage, phishing, and regulatory compliance.
According to The 2025 Report: How AI is Shaping the Modern Workspace, web traffic to GenAI sites spiked by 50% in under a year, culminating in 10.53 billion visits in January 2025 alone.
At the heart of the findings is a sharp increase in what Menlo terms Shadow AI, or the use of unsanctioned GenAI tools by employees, often without their organization’s knowledge or oversight.
AI Adoption Accelerates, Security Gaps Widen
The report uses telemetry data from hundreds of global enterprises, shining a light on how 68% of employees now access GenAI tools like ChatGPT via personal accounts. More than half (57%) are inputting sensitive or confidential data.
Devin Ertel, Chief Information Security Officer at Menlo Security, said the situation is causing a dangerous imbalance between adoption and governance. “The numbers don’t lie; AI adoption is exploding and essential in the modern workspace,” he said. “However, without clear governance, this rapid growth can create serious risks around data leakage.”
In just one month, Menlo saw over 155,000 copy events and more than 313,000 paste attempts involving GenAI tools, suggesting widespread attempts to input and extract sensitive data. These tools are frequently accessed via browsers, which now account for 80% of all GenAI traffic.
The Rise of AI-Driven Threats
Menlo also reports a 130% year-on-year surge in zero-hour phishing attacks, many linked to AI-generated content. Nearly 600 fake GenAI websites have already been detected, 40 of which were blocked in March 2025 alone by Menlo’s HEAT Shield AI.
The proliferation of GenAI tools is partly to blame. With over 6,500 domains and 3,000 GenAI apps noted, the ecosystem has grown rapidly, providing fertile ground for scammers and cybercriminals.
“Before GenAI, attackers were already spinning up phishing domains at speed,” said Krishna Vishnubhotla, VP of Product Strategy at Zimperium. “Now, with GenAI, those attacks are automated, personalized, and nearly impossible to detect using traditional tools, especially on mobile.”
Regional Trends and Regulatory Pressures
The Americas currently lead in overall GenAI traffic, but adoption is growing fastest in Asia-Pacific. In China and India, 75% and 73% of entities respectively report using GenAI tools. Meanwhile, Europe lags behind, likely due to regulatory constraints, including the recently enacted EU AI Act.
Dave Gerry, CEO at Bugcrowd, spoke of the broader challenge: “The big risk isn’t just technical, it’s trust erosion. The security community needs to zero in on model manipulation, prompt injection, and adversarial testing.”
Experts Warn of Shadow AI’s Stealth Threat
Unlike traditional shadow IT, Shadow AI is harder to detect. “It’s not just unsanctioned, it’s invisible,” said Kris Bondi, CEO of Mimoto. “Employees are using it without telling anyone. Its generative nature makes it more powerful, and more dangerous.”
Industries most at risk include those where accuracy, regulation, and critical infrastructure intersect, such as healthcare, energy, and finance.
Bondi warned that zero-use policies may backfire: “A ban won’t stop Shadow AI, it drives it underground. Instead, educate employees, define unacceptable uses, and provide sanctioned alternatives.”
Nicole Carignan, Field CISO at Darktrace, also called for proactive governance. “AI systems are becoming integral to business operations. Securing them isn’t optional, it’s foundational. We need visibility, explainability, and control.”
Carignan stressed the importance of AI asset discovery and the use of anomaly-based detection tools to pinpoint threats in real time. As offensive AI advances, so must defensive AI.
What Enterprises Can Do
To tackle the risks, Menlo recommends a combination of policies and technologies:
- Adopt sanctioned AI tools with built-in safeguards
- Implement strict Data Loss Prevention (DLP) policies
- Assume BYOD and unmanaged devices are compromised
- Enforce zero trust access models
- Use AI-native security solutions like the Menlo Secure Cloud Browser with HEAT Shield AI
Satyam Sinha, CEO of Acuvity, believes this shift requires a mindset change. “GenAI is already automating tasks across industries, from customer service to coding. The only way forward is to embrace AI-native security that scales alongside the technology.”
But with AI capabilities evolving monthly, governance must become more agile. Jamie Boote, Associate Principal Security Consultant at Black Duck, said organizations must build a forward-looking vision for secure AI. “Right now, best practices are still being written. Security teams must lead with intention, not just follow engineering’s lead.”
Visibility and Responsibility
As AI-powered threats continue to soar, it’s clear that securing the modern workspace isn’t about firewalls and passwords, but about visibility, responsibility, and the ability to act in machine time.
“The threat isn’t coming,” said Carignan. “It’s already here.”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.