TLDR: Browsers have become central to work, increasing risks from attacks like phishing and malware. Common security lapses include trust in browser vendors, insecure extensions, session hijacking, and lack of policies. To combat these threats, organizations should utilize secure browsers, enforce zero trust principles, conduct behavior monitoring, and continuously assess risks associated with users and their devices.
https://unit42.paloaltonetworks.com/browser-defense-playbook/