A serious security vulnerability has been discovered in Perplexity’s Comet browser

Comet, Perplexity’s new AI browser with a built-in assistant based on large language models, has been found to be vulnerable to attack. According to Brave, testing revealed that hidden commands on web pages could be used to make the assistant perform actions that the user didn’t request.

How the vulnerability worked

In contrast to traditional browsers, Comet can analyze page content, produce summaries, and carry out tasks for the user. The vulnerability allowed what’s known as prompt injection: text placed in page content that the assistant treats as instructions.

Brave experts posted a page on Reddit with invisible text. When Comet processed the content, it treated the hidden commands as real and started acting on the user’s behalf. In the test, the assistant accessed a Perplexity account, extracted an email address, and even tried to navigate to Gmail.

Why it’s dangerous

A similar attack could be used to access bank accounts, corporate services, email and other sensitive data, experts said. The danger is that the AI assistant effectively mimics the behavior of a live user, and the usual defense mechanisms would not work in this case.

Reaction of Perplexity and Brave

“The vulnerability has been fixed. We have a fairly rigorous bug bounty program in place, and we worked closely with Brave to identify and close it.”

Brave engineers have proposed a number of measures to protect such systems:

  • always treat content on pages as untrusted,
  • check whether an action corresponds to a real user request,
  • enable “agent mode” only manually, when the user consciously wants it,
  • confirm critical actions with a repeated request from the human.
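
The four measures above can be combined into one authorization gate that sits between the model and the browser. The sketch below is an added example, not code from Brave or Perplexity; all function names, action types and example.com-style URLs are hypothetical, and the sample actions are constructed.

```javascript
// Added example: hypothetical names and policy values, not Comet's or Brave's code.
// Actions that touch accounts or leave the current site need a human "yes".
const CRITICAL = new Set(["navigate", "read_account_data", "send_message"]);

// Scope is derived ONLY from what the user typed, never from page text.
function scopeFromUserRequest(request, currentUrl) {
  const origin = new URL(currentUrl).origin;
  if (request.kind === "summarize") {
    return { actions: new Set(["read_page"]), origins: new Set([origin]) };
  }
  if (request.kind === "open_link") {
    return { actions: new Set(["read_page", "navigate"]),
             origins: new Set([origin, new URL(request.target).origin]) };
  }
  return { actions: new Set(), origins: new Set() }; // unknown request: allow nothing
}

// Every action the model proposes after reading a page is treated as
// possibly attacker-influenced and checked against the user-derived scope.
function authorize(session, scope, action) {
  if (!session.agentModeEnabledByUser) return deny("agent mode not enabled by user");
  if (!scope.actions.has(action.type)) return deny("action not part of user request");
  let origin;
  try { origin = new URL(action.url).origin; } catch { return deny("unparseable target"); }
  if (!scope.origins.has(origin)) return deny("target origin outside user request");
  if (CRITICAL.has(action.type) && !session.confirm(action)) {
    return deny("user declined confirmation");
  }
  return { allow: true, reason: "ok" };
}

function deny(reason) { return { allow: false, reason }; }

// Constructed sample: the user asked for a summary; the model, having read hidden
// page text, also proposes account access and a jump to a mail site.
function demo() {
  const session = { agentModeEnabledByUser: true, confirm: () => false };
  const scope = scopeFromUserRequest({ kind: "summarize" }, "https://forum.example/post/1");
  return [
    { type: "read_page", url: "https://forum.example/post/1" },
    { type: "read_account_data", url: "https://account.example/settings" },
    { type: "navigate", url: "https://mail.example/" },
  ].map((a) => authorize(session, scope, a));
}
```

The gate never asks the model where an instruction came from; it only compares the proposed action with the scope built from the user's own request.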

Why it’s important

Brave notes that the Comet case demonstrates a new category of risks associated with integrating AI into browsers and other applications. Whereas hackers used to require programming knowledge, now it’s enough to use clever text commands.

Since many companies are adopting models from OpenAI, Google and Meta*, vulnerabilities in these systems potentially threaten a multitude of services.

* Belongs to Meta, it is recognized as an extremist organization in the Russian Federation and its activities are banned.
