The Hacker News

Researchers Trick Perplexity's Comet AI Browser Into Phishing Scam in Under Four Minutes

Researchers show GAN-trained phishing pages can trick Perplexity’s Comet AI browser in under four minutes, exposing a new AI-targeted attack surface.

Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite

AI browsing agent left local files open for the taking If you wanted to steal local files from someone using Perplexity's ...

Zenity Labs Discloses PleaseFix Vulnerability Family in Perplexity Comet and Other Agentic Browsers

Zenity Labs today disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to silently hijack AI agents, access local ...
NextBigFuture

Obscure MCP API in Comet Browser Breaches User Trust, Enabling Full Device Control via AI Browsers

SquareX released critical research exposing a hidden API in Comet that allows extensions in the AI Browser to execute local commands and gain full control over users’ devices. The research reveals ...

Experts say Perplexity's AI Comet browser can be hijacked to steal your passwords

Security researchers found a zero-click exploit in a new AI browser ...
Hosted on MSN

Use AI browsers? Be careful. This exploit turns trusted sites into weapons - here's how

Researchers disclosed a HashJack attack that manipulates AI browsers. Cato CTRL examined Comet, Copilot for Edge, and Gemini for Chrome. Could lead to data theft, phishing, and malware downloads.
SiliconANGLE

SquareX warns hidden API in Perplexity’s Comet browser enables full device takeover

New research out today from browser security company SquareX Ltd. is warning of a hidden application programming interface in Perplexity AI Inc.’s Comet browser that allows extensions in the ...