The Hacker News

Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four Minutes

Researchers show GAN-trained phishing pages can trick Perplexity’s Comet AI browser in under four minutes, exposing a new AI-targeted attack surface.

Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite

AI browsing agent left local files open for the taking If you wanted to steal local files from someone using Perplexity's ...

Zenity Labs Discloses PleaseFix Vulnerability Family in Perplexity Comet and Other Agentic Browsers

Zenity Labs today disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to silently hijack AI agents, access local ...
NextBigFuture

Obscure MCP API in Comet Browser Breaches User Trust, Enabling Full Device Control via AI Browsers

SquareX released critical research exposing a hidden API in Comet that allows extensions in the AI Browser to execute local commands and gain full control over users’ devices. The research reveals ...
Hosted on MSN

Use AI browsers? Be careful. This exploit turns trusted sites into weapons - here's how

Researchers disclosed a HashJack attack that manipulates AI browsers. Cato CTRL examined Comet, Copilot for Edge, and Gemini for Chrome. Could lead to data theft, phishing, and malware downloads.

Experts say Perplexity's AI Comet browser can be hijacked to steal your passwords

Security researchers found a zero-click exploit in a new AI browser ...