
ZDNET's key takeaways
- Perplexity's Comet browser could expose your private data.
- An attacker could add commands to the prompt via a malicious website.
- The AI should treat user information and website information separately.
Agentic AI browsers are a hot new trend in the world of AI. Instead of you having to browse the web yourself to complete specific tasks, you tell the browser to send its agent to carry out your mission. But depending on which browser you use, you may be opening yourself up to security risks.
In a blog post published Wednesday, the folks behind the Brave browser (which offers its own AI-powered assistant dubbed Leo) pointed their collective fingers at Perplexity's new Comet browser. Currently available for public download, Comet is built on the premise of agentic AI, promising that your wish is its command.
Do you need to pick up a new supply of your favorite protein drink at Amazon? Instead of doing it yourself, just tell Comet to do it for you.
OK, so what's the beef? First, there's certainly an opportunity for mistakes. With AI being so prone to errors, the agent could misinterpret your instructions, take the wrong step along the way, or perform actions you didn't specify. The challenges multiply if you entrust the AI to handle personal details, such as your password or payment information.
But the biggest risk lies in how the browser processes the prompt's contents, and this is where Brave finds fault with Comet. In its own demonstration, Brave showed how attackers could inject commands into the prompt through malicious websites of their own creation. By failing to distinguish between your own request and the commands from the attacker, the browser could expose your personal information to compromise.
"The vulnerability we're discussing in this post lies in how Comet processes web page content," Brave said. "When users ask it to 'Summarize this web page,' Comet feeds a part of the web page directly to its LLM without distinguishing between the user's instructions and untrusted content from the web page. This allows attackers to embed indirect prompt injection payloads that the AI will execute as commands. For instance, an attacker could gain access to a user's emails from a prepared piece of text in a page in another tab."
To date, there are no known examples of such attacks in the wild.
Brave said the attack demonstrated in Comet shows that traditional web security isn't enough to protect people when using agentic AI. Instead, such agents need new types of security and privacy. With that goal in mind, Brave recommended that several measures be implemented.
The browser should distinguish between user instructions and website content. The browser should separate the requests submitted by a user at the prompt from the content delivered at a website. With a malicious site always a possibility, this content should always be treated as untrusted.
The AI model should ensure that tasks align with the user's request. Any actions submitted to the prompt should be checked against those submitted by the user to ensure alignment.
Sensitive security and privacy tasks should require user permission. The AI should always require a response from the user before running any tasks that impact security or privacy. For example, if the agent is told to send an email, complete a purchase, or log in to a site, it should first ask the user for confirmation.
The browser should isolate agentic browsing from regular browsing. Agentic browsing mode carries some risks, as the browser can read and send emails or view sensitive and confidential information on a website. For that reason, agentic browsing mode should be a clear choice, not something the user can access accidentally or without knowledge.
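The first three measures above can be pictured as a policy gate sitting between an agent's model and its tools. The following is an added example, not code from Brave, Perplexity or ZDNET; the tool names, the `TASK_SCOPE` table and every function name are hypothetical, and the sample page text and proposed actions are constructed.

```javascript
// Added example; every name here is hypothetical, not Comet's or Brave's code.
const SENSITIVE = new Set(["send_email", "purchase", "login"]);

// Tools each kind of user request may use. Derived from the user's words only.
const TASK_SCOPE = {
  summarize: ["read_page"],
  email: ["read_page", "send_email"],
};

// Measure 1: user request and page text travel in separate, labelled channels.
function buildMessages(userRequest, pageText) {
  return [
    { channel: "user", trusted: true, content: userRequest },
    { channel: "page", trusted: false, content: pageText },
  ];
}

// Scope comes from the trusted channel alone; page text can never widen it.
function scopeFor(messages) {
  const request = messages.find((m) => m.trusted).content.toLowerCase();
  if (request.startsWith("summarize")) return TASK_SCOPE.summarize;
  if (request.startsWith("email")) return TASK_SCOPE.email;
  return [];
}

// Measures 2 and 3: check each proposed action against scope, then ask the user.
function gate(messages, proposedActions, confirm) {
  const scope = scopeFor(messages);
  return proposedActions.map((action) => {
    if (!scope.includes(action.tool)) {
      return { tool: action.tool, decision: "block", reason: "outside user request" };
    }
    if (SENSITIVE.has(action.tool) && !confirm(action)) {
      return { tool: action.tool, decision: "block", reason: "user declined" };
    }
    return { tool: action.tool, decision: "allow", reason: "in scope" };
  });
}

// Constructed sample: a summarize request on a page carrying injected text.
const sample = buildMessages(
  "Summarize this web page",
  "Article text ... [constructed injected instruction asking the agent to send mail]"
);
// Actions a model that obeyed the page text might propose (constructed).
const proposed = [{ tool: "read_page" }, { tool: "login" }, { tool: "send_email" }];
const verdicts = gate(sample, proposed, () => false);
```

Because the allowed tool list is computed before the page text is consulted, an injected instruction can change what the model proposes but not what the gate permits.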
With Brave finding fault with Comet, how has Perplexity responded? Here, I'm just going to share the timeline of events as described by Brave.
- July 25, 2025: Vulnerability discovered and reported to Perplexity.
- July 27, 2025: Perplexity acknowledged the vulnerability and implemented an initial fix.
- July 28, 2025: Retesting revealed the fix was incomplete; further details and comments were provided to Perplexity.
- August 11, 2025: One-week public disclosure notice sent to Perplexity.
- August 13, 2025: Final testing confirmed the vulnerability appears to be patched.
- August 20, 2025: Public disclosure of vulnerability details (Update: on further testing after this blog post was released, we learned that Perplexity still hasn't fully mitigated the kind of attack described here. We've re-reported this to them.)
Now, the ball is back in Perplexity's court. I contacted the company for comment and will update the story with any response.
"This vulnerability in Perplexity Comet highlights a fundamental challenge with agentic AI browsers: ensuring that the agent only takes actions that are aligned with what the user wants," Brave said. "As AI assistants gain more powerful capabilities, indirect prompt injection attacks pose serious risks to web security."