How hackers exploit new vulnerabilities in AI browsers

As AI browsers are quickly becoming a new trend, a newly published study has raised deep concerns about their potential exploitation to attack users.

Researchers point out that AI browsers such as Perplexity's Comet and OpenAI's ChatGPT Atlas can accidentally perform malicious behavior if they are indexed withindirect prompt injection.

According to the analysis, hackers can set traps in websites or emails, causing AI browsers to automatically send sensitive data such as emails, bank passwords, personal information or even perform actions beyond the owner's wishes.

OpenAI has recognized this risk. The company warned that AI agents could be overlooked by hidden commands, which could lead to data theft from sites that users have logged in to.

Workers can make mistakes when acting on your behalf, or be lured by hidden malicious commands and perform actions they do not want, OpenAI said.

In response to increasing warnings, Perplexity, a neighbor valued at $20 billion, is still holding a stance that users always have absolute control.

The company emphasized that Comet Assistant is designed with priority for display, only performing sensitive actions when given clear permission.

We ensure automation speed while still maintaining strict control for users, said a representative of Perplexity.

To boost trust, Perplexity has recently upgraded Comet Assistant with the ability to switch between multiple tabs to serve complex tasks such as spreading workspace, entering multi-point data or operating on deeply organized websites.

At the same time, the AI browser architecture has also been adjusted to increase network environment awareness, limiting the risk of misunderstanding commands.

Observers say the AI browser race is entering a fierce competition phase. With both Perplexity and OpenAI promoting AI's self-action capabilities, the most important issue is still ensuring the safety of users.

Perplexity even revealed that it will launch a completely new AI assistant in the next few days, signaling that the technology war will have many unpredictable developments.