
Perplexity Comet AI Browser Vulnerable to Indirect Prompt Injection Attack
7 days ago
Perplexity Comet AI browser is vulnerable to indirect prompt injection, where malicious hidden instructions in web content trick the AI into accessing sensitive data. Traditional web security fails here. Mitigations include separating user commands from page content, requiring user confirmation for sensitive actions, and isolating agentic browsing. This shows the need for new security models in AI browsers as they gain power.