Security researchers have just warned that Perplexity's AI Comet browser has a vulnerability that can be exploited by attackers to steal users' sensitive data, including email, banking password and personal information.
According to the announcement from the research team at Brave (a privacy-focused browser developer in the US), the vulnerability comes from Comet's way of handling web content when performing commands such as "shortening this website".
browser cannot distinguish between valid requirements from users and unreliable content. This allows attackers to dilate malicious directives into the website, turning them into orders that Comet automatically executes.
For example, an attacker can hide a request for user email access in an invisible text section on another tab, Brave wrote in the report.
Hacious instructions can appear as whiteboards on white background, HTML comments or even inserted into social media posts like Reddit or Facebook.
Brave believes that this vulnerability is particularly dangerous because Comet is considered the first AI browser to bring AI agents to the search experience center, with direct access to data from platforms that users have logged in to.
Therefore, when taken advantage, AI can accidentally take a bank password, OTP code or email and make it public on online forums.
Responding to the report, Perplexity spokesperson Jesse Dwyer confirmed that the vulnerability has been identified and patched. However, in the latest experiment, Brave said the error still exists and may continue to be exploited.
Although no real cases of attack have been recorded, Brave warned that the risk is real. The company recommends that Perplexity quickly improve Comet's command processing mechanism, clearly separating user instructions from website content.
At the same time, actions related to sensitive data must have direct confirmation from users.
The incident once again shows that AI browsers, although bringing a new search experience, still have many potential risks.
With AI having deep access to personal data, security and privacy challenges are becoming increasingly urgent.
