[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"nav-categories":3,"article-ai-vulnerabilities-are-becoming-critically-dangerous":70},{"data":4},[5,37,57,64],{"name":6,"slug":7,"categories":8},"Productivity","productivity",[9,13,17,21,25,29,33],{"id":10,"title":11,"slug":12},17,"Branding","branding",{"id":14,"title":15,"slug":16},19,"Marketing","marketing",{"id":18,"title":19,"slug":20},20,"Work","work",{"id":22,"title":23,"slug":24},34,"Community","community",{"id":26,"title":27,"slug":28},21,"For newbies","for-newbies",{"id":30,"title":31,"slug":32},24,"Investment","investment",{"id":34,"title":35,"slug":36},22,"Finance","finance",{"name":38,"slug":39,"categories":40},"Tech","tech",[41,45,49,53],{"id":42,"title":43,"slug":44},28,"Technology","technology",{"id":46,"title":47,"slug":48},32,"Artificial Intelligence","artificial-intelligence",{"id":50,"title":51,"slug":52},26,"Security and protection","security-and-protection",{"id":54,"title":55,"slug":56},31,"YouTube Blog","youtube-blog",{"name":58,"slug":59,"categories":60},"News","news",[61],{"id":62,"title":58,"slug":63},18,"quasanews",{"name":65,"slug":66,"categories":67},"Business","business",[68],{"id":69,"title":65,"slug":66},16,{"post":71,"published_news":95,"popular_news":151,"categories":215},{"title":72,"description":73,"meta_title":72,"meta_description":74,"meta_keywords":75,"text":76,"slug":77,"created_at":78,"publish_at":79,"formatted_created_at":80,"category_id":50,"links":81,"view_type":84,"video_url":85,"views":86,"likes":87,"lang":88,"comments_count":87,"category":89},"AI Vulnerabilities Are Becoming Critically Dangerous","A severe vulnerability discovered by Brave in Perplexity’s AI-powered browser, Comet, has exposed a fundamental flaw not just in Comet but in the broader class of agentic browsers. This isn’t a mere bug - it’s a systemic issue that could redefine the risks of integrating AI into web browsing.","The industry must act swiftly to design robust safeguards, or we risk opening the door to a new era of sophisticated, AI-driven cyberattacks.","This incident underscores a broader truth: granting AI full access to a browser with active user sessions is a ticking time bomb for cyberattacks.","\u003Cp>A severe vulnerability discovered by Brave in Perplexity’s AI-powered browser, Comet, has exposed a fundamental flaw not just in Comet but in the broader class of agentic browsers. This isn’t a mere bug - it’s a systemic issue that could redefine the risks of integrating AI into web browsing.\u003C/p>\n\n\u003Chr />\n\u003Ch4>\u003Cstrong>The Attack Explained\u003C/strong>\u003C/h4>\n\n\u003Cp>\u003Cimg alt=\"\" class=\"image-align-left\" height=\"447\" src=\"https://quasa.io/storage/photos/00/image - 2025-10-20T125216.100.jpg\" width=\"300\" />The exploit is alarmingly simple yet devastating. Malicious actors can embed hidden instructions for the AI directly within a webpage’s content - think white text on a white background, HTML comments, or even Reddit threads.\u003C/p>\n\n\u003Cp>When a user clicks “Summarize this page,” the AI fails to distinguish between legitimate content and malicious commands, blindly executing everything.\u003C/p>\n\n\u003Cp>\u003Cstrong>Brave demonstrated the attack with a chilling proof-of-concept:\u003C/strong>\u003C/p>\n\n\u003Cp>- A user opens a Reddit post containing malicious instructions hidden behind a spoiler tag.\u003Cbr />\n- The user asks Comet to summarize the page.\u003Cbr />\n- The AI processes the hidden commands and:\u003Cbr />\n  - Navigates to `\u003Cstrong>perplexity.ai./account\u003C/strong>` (with a dot to bypass security measures).\u003Cbr />\n  - Accesses the user’s Gmail to retrieve an OTP code.\u003Cbr />\n  - Sends the email and OTP back to a Reddit comment.\u003C/p>\n\n\u003Cp>The result? The user’s account is compromised without any additional interaction.\u003C/p>\n\n\u003Chr />\n\u003Ch4>\u003Cstrong>Why This Matters\u003C/strong>\u003C/h4>\n\n\u003Cp>This vulnerability exposes a critical weakness in AI-driven browsers: they operate with the same privileges as the user, accessing all active, logged-in sessions - bank accounts, email, corporate systems, you name it. Traditional web security mechanisms like Same-Origin Policy (SOP) or CORS are powerless here, as the AI is trusted to act on the user’s behalf. This creates a new attack surface that conventional defenses aren’t equipped to handle.\u003C/p>\n\n\u003Chr />\n\u003Ch4>\u003Cstrong>Potential Solutions\u003C/strong>\u003C/h4>\n\n\u003Cp>\u003Cimg alt=\"\" class=\"image-align-right\" height=\"447\" src=\"https://quasa.io/storage/photos/00/image - 2025-10-20T125217.536.jpg\" width=\"300\" />To mitigate such risks, developers must rethink how AI browsers handle content and user privileges.\u003C/p>\n\n\u003Cp>\u003Cstrong>Here are some actionable steps:\u003C/strong>\u003C/p>\n\n\u003Cul>\n\t\u003Cli>\u003Cstrong>Separate User Instructions from Page Content\u003C/strong>: Treat all page content as untrusted and isolate it from the AI’s command pipeline.\u003C/li>\n\t\u003Cli>\u003Cstrong>Validate AI Actions\u003C/strong>: Ensure the AI’s actions align strictly with the user’s explicit request, rejecting unrelated or suspicious commands.\u003C/li>\n\t\u003Cli>\u003Cstrong>Require Explicit Confirmation\u003C/strong>: Mandate user approval for sensitive actions like sending emails or accessing financial accounts.\u003C/li>\n\t\u003Cli>\u003Cstrong>Isolate Agentic Mode\u003C/strong>: Restrict powerful AI features to an explicitly activated mode, separate from standard browsing sessions.\u003C/li>\n\u003C/ul>\n\n\u003Ch4>\u003Cstrong>The Aftermath\u003C/strong>\u003C/h4>\n\n\u003Cp>Brave reported the issue to Perplexity in July, and a public fix was released a month later. However, subsequent analysis revealed that the patch was incomplete, leaving lingering vulnerabilities. This incident underscores a broader truth: granting AI full access to a browser with active user sessions is a ticking time bomb for cyberattacks.\u003C/p>\n\n\u003Cp>\u003Cstrong>Also read:\u003C/strong>\u003C/p>\n\n\u003Cul>\n\t\u003Cli>\u003Ca href=\"https://quasa.io/media/qua-crypto-buyback-october-2025\">QUA Сrypto Buyback - October 2025\u003C/a>\u003C/li>\n\t\u003Cli>\u003Ca href=\"https://quasa.io/media/clippers-the-new-ugc-scaled-by-x1000\">Clippers: The New UGC, Scaled by x1000\u003C/a>\u003C/li>\n\t\u003Cli>\u003Ca href=\"https://quasa.io/media/wikipedia-s-decline-ai-and-social-media-take-over\">Wikipedia’s Decline: AI and Social Media Take Over\u003C/a>\u003C/li>\n\t\u003Cli>\u003Ca href=\"https://quasa.io/media/gas-rules-america-not-what-you-thought-it-s-gas\">Gas Rules America, Not What You Thought: It’s Gas\u003C/a>\u003C/li>\n\u003C/ul>\n\n\u003Chr />\n\u003Ch4>\u003Cstrong>The Bigger Picture\u003C/strong>\u003C/h4>\n\n\u003Cp>As AI becomes more integrated into our digital lives, the stakes are skyrocketing. Agentic browsers, while powerful, introduce unprecedented risks that demand new security paradigms. Classical approaches to web security are no longer enough. The industry must act swiftly to design robust safeguards, or we risk opening the door to a new era of sophisticated, AI-driven cyberattacks.\u003C/p>","ai-vulnerabilities-are-becoming-critically-dangerous","2025-10-20T10:53:26.000000Z","2025-10-25T09:49:00.000000Z","25.10.2025",{"image":82,"thumb":83},"https://quasa.io/storage/images/news/YdvusK78bKC0JpVnpO49vnqCPccWJQdKMoiJoHBt.jpg","https://api.quasa.io/thumbs/news-thumb/images/news/YdvusK78bKC0JpVnpO49vnqCPccWJQdKMoiJoHBt.jpg","small",null,749,0,"en",{"id":50,"title":51,"slug":52,"meta_title":90,"meta_description":91,"meta_keywords":92,"deleted_at":85,"created_at":93,"updated_at":94,"lang":88},"Quasa media blog on growth hacking in Security and Protection","Trends and forecasts. Facts and incredible life hacks in Quasa Media about security and protection.","Security and protection, hacker, hackers, hacking, technology, cybersecurity","2022-04-17T21:18:28.000000Z","2024-08-25T15:38:18.000000Z",[96,108,118,129,140],{"title":97,"description":98,"slug":99,"created_at":100,"publish_at":100,"formatted_created_at":101,"category":102,"links":103,"view_type":84,"video_url":85,"views":106,"likes":87,"lang":88,"comments_count":87,"is_pinned":107},"Marble 1.1 — World Labs Just Made Their World Model Significantly Better","World Labs has released a meaningful update to its generative world model: Marble 1.1 and a new, more powerful variant called Marble 1.1 Plus.","marble-1-1-world-labs-just-made-their-world-model-significantly-better","2026-04-10T19:22:07.000000Z","10.04.2026",{"title":43,"slug":44},{"image":104,"thumb":105},"https://quasa.io/storage/images/news/Klmcbo6URuD0uYTxZn4aR9x8zl98NpFfsdMHTGHw.jpg","https://api.quasa.io/thumbs/news-thumb/images/news/Klmcbo6URuD0uYTxZn4aR9x8zl98NpFfsdMHTGHw.jpg",79,false,{"title":109,"description":110,"slug":111,"created_at":112,"publish_at":112,"formatted_created_at":101,"category":113,"links":114,"view_type":84,"video_url":85,"views":117,"likes":87,"lang":88,"comments_count":87,"is_pinned":107},"Unmasking Runway Characters: The Unexpected Rise of the Real-Time Avatar","The generative AI landscape is moving so fast it's sometimes hard to keep up. But just when we thought we knew what to expect from major players like Runway, they dropped a curveball: Runway Characters.","unmasking-runway-characters-the-unexpected-rise-of-the-real-time-avatar","2026-04-10T19:04:45.000000Z",{"title":58,"slug":63},{"image":115,"thumb":116},"https://quasa.io/storage/images/news/Lxi7mPfuvku81DkTvlELBfErpx8nbus6cXvBCWMk.jpg","https://api.quasa.io/thumbs/news-thumb/images/news/Lxi7mPfuvku81DkTvlELBfErpx8nbus6cXvBCWMk.jpg",83,{"title":119,"description":120,"slug":121,"created_at":122,"publish_at":122,"formatted_created_at":101,"category":123,"links":124,"view_type":84,"video_url":85,"views":127,"likes":128,"lang":88,"comments_count":87,"is_pinned":107},"Claude Mythos Just Broke Cybersecurity: The AI That Finds Vulnerabilities Better Than Most Human Hackers","Anthropic has quietly unleashed something terrifyingly powerful — and then immediately locked it away.","claude-mythos-just-broke-cybersecurity-the-ai-that-finds-vulnerabilities-better-than-most-human-hackers","2026-04-10T15:10:28.000000Z",{"title":43,"slug":44},{"image":125,"thumb":126},"https://quasa.io/storage/images/news/mzgaJsOkQfbcba4vvmQXFniw06VALNMRRGcRLVXF.jpg","https://api.quasa.io/thumbs/news-thumb/images/news/mzgaJsOkQfbcba4vvmQXFniw06VALNMRRGcRLVXF.jpg",289,1,{"title":130,"description":131,"slug":132,"created_at":133,"publish_at":134,"formatted_created_at":101,"category":135,"links":136,"view_type":84,"video_url":85,"views":139,"likes":87,"lang":88,"comments_count":87,"is_pinned":107},"China’s Five-Year Plans Strike Again: How Centralized Vision and Competitive Freedom Are Powering the Next Frontier of Brain-Computer Interfaces","In an era of breakneck technological change, China’s much-maligned five-year planning system is proving surprisingly effective. Far from the rigid, top-down micromanagement of the Soviet era, Beijing’s modern industrial strategies deliberately avoid over-specifying every detail.","china-s-five-year-plans-strike-again-how-centralized-vision-and-competitive-freedom-are-powering-the-next-frontier-of-brain-computer-interfaces","2026-03-28T17:45:42.000000Z","2026-04-10T11:36:00.000000Z",{"title":43,"slug":44},{"image":137,"thumb":138},"https://quasa.io/storage/images/news/9e878UicRgHXBtTQ74llERUUJHi9VJhY6RrS6GzZ.jpg","https://api.quasa.io/thumbs/news-thumb/images/news/9e878UicRgHXBtTQ74llERUUJHi9VJhY6RrS6GzZ.jpg",400,{"title":141,"description":142,"slug":143,"created_at":144,"publish_at":145,"formatted_created_at":101,"category":146,"links":147,"view_type":84,"video_url":85,"views":150,"likes":87,"lang":88,"comments_count":87,"is_pinned":107},"This AI Will Tell You Exactly How Attractive You Are — And It Only Takes 25 Seconds","There’s a new viral AI tool that does something most of us secretly want to know but are afraid to ask: it looks at your face and gives you a straight-up attractiveness score.","this-ai-will-tell-you-exactly-how-attractive-you-are-and-it-only-takes-25-seconds","2026-03-27T20:13:20.000000Z","2026-04-10T09:34:00.000000Z",{"title":27,"slug":28},{"image":148,"thumb":149},"https://quasa.io/storage/images/news/eTdAX16TIQnnM1X90hkB2oOPixcWqRw3eZlaGUta.jpg","https://api.quasa.io/thumbs/news-thumb/images/news/eTdAX16TIQnnM1X90hkB2oOPixcWqRw3eZlaGUta.jpg",497,[152,165,179,191,203],{"title":153,"description":154,"slug":155,"created_at":156,"publish_at":157,"formatted_created_at":158,"category":159,"links":160,"view_type":84,"video_url":85,"views":163,"likes":164,"lang":88,"comments_count":87,"is_pinned":107},"The Anatomy of an Entrepreneur","Entrepreneur is a French word that means an enterpriser. Enterprisers are people who undertake a business or enterprise with the chance of earning profits or suffering from loss.","the-anatomy-of-an-entrepreneur","2021-08-04T15:18:21.000000Z","2025-12-14T06:09:00.000000Z","14.12.2025",{"title":65,"slug":66},{"image":161,"thumb":162},"https://quasa.io/storage/images/news/mVsXPTMuHZuI7UXCsENgL1Qwp1uSOf7Rz3uVPMfm.webp","https://api.quasa.io/thumbs/news-thumb/images/news/mVsXPTMuHZuI7UXCsENgL1Qwp1uSOf7Rz3uVPMfm.webp",69134,2,{"title":166,"description":167,"slug":168,"created_at":169,"publish_at":170,"formatted_created_at":171,"category":172,"links":173,"view_type":176,"video_url":85,"views":177,"likes":178,"lang":88,"comments_count":87,"is_pinned":107},"Advertising on QUASA","QUASA MEDIA is read by more than 400 thousand people a month. We offer to place your article, add a link or order the writing of an article for publication.","advertising-on-quasa","2022-07-06T07:33:02.000000Z","2025-12-15T17:33:02.000000Z","15.12.2025",{"title":58,"slug":63},{"image":174,"thumb":175},"https://quasa.io/storage/images/news/45SvmdsTQbiyc3nxgbyHY1mpVbisYyub2BCHjqBL.jpg","https://api.quasa.io/thumbs/news-thumb/images/news/45SvmdsTQbiyc3nxgbyHY1mpVbisYyub2BCHjqBL.jpg","large",68750,4,{"title":180,"description":181,"slug":182,"created_at":183,"publish_at":184,"formatted_created_at":185,"category":186,"links":187,"view_type":84,"video_url":85,"views":190,"likes":178,"lang":88,"comments_count":87,"is_pinned":107},"What is a Startup?","A startup is not a new company, not a tech company, nor a new tech company. You can be a new tech company, if your goal is not to grow high and fast; then, you are not a startup. ","what-is-a-startup","2021-08-04T12:05:17.000000Z","2025-12-17T13:02:00.000000Z","17.12.2025",{"title":65,"slug":66},{"image":188,"thumb":189},"https://quasa.io/storage/images/news/EOsQhSW3VXyG7a6NPdE1oZd00xfJXe3bjY5aJGb7.webp","https://api.quasa.io/thumbs/news-thumb/images/news/EOsQhSW3VXyG7a6NPdE1oZd00xfJXe3bjY5aJGb7.webp",66645,{"title":192,"description":193,"slug":194,"created_at":195,"publish_at":196,"formatted_created_at":197,"category":198,"links":199,"view_type":84,"video_url":85,"views":202,"likes":164,"lang":88,"comments_count":128,"is_pinned":107},"Top 5 Tips to Make More Money as a Content Creator","Content creators are one of the most desired job titles right now. Who wouldn’t want to earn a living online?","top-5-tips-to-make-more-money-as-a-content-creator","2022-01-17T17:31:51.000000Z","2026-01-17T11:30:00.000000Z","17.01.2026",{"title":19,"slug":20},{"image":200,"thumb":201},"https://quasa.io/storage/images/news/gP8kiumBPpJmQv6SMieXiX1tDetx43VwFfO1P4Ca.jpg","https://api.quasa.io/thumbs/news-thumb/images/news/gP8kiumBPpJmQv6SMieXiX1tDetx43VwFfO1P4Ca.jpg",40851,{"title":204,"description":205,"slug":206,"created_at":207,"publish_at":208,"formatted_created_at":209,"category":210,"links":211,"view_type":176,"video_url":85,"views":214,"likes":164,"lang":88,"comments_count":87,"is_pinned":107},"8 Logo Design Tips for Small Businesses","Your logo tells the story of your business and the values you stand for.","8-logo-design-tips-for-small-businesses","2021-12-04T21:59:52.000000Z","2025-05-05T03:30:00.000000Z","05.05.2025",{"title":15,"slug":16},{"image":212,"thumb":213},"https://quasa.io/storage/images/news/Wbx2NtS1CnTupgoQbpFMGspJ5jm4uob2hDOq33r0.jpg","https://api.quasa.io/thumbs/news-thumb/images/news/Wbx2NtS1CnTupgoQbpFMGspJ5jm4uob2hDOq33r0.jpg",40112,[216,217,218,219,220,221,222,223,224,225,226,227,228],{"title":23,"slug":24},{"title":47,"slug":48},{"title":55,"slug":56},{"title":43,"slug":44},{"title":51,"slug":52},{"title":31,"slug":32},{"title":35,"slug":36},{"title":27,"slug":28},{"title":19,"slug":20},{"title":15,"slug":16},{"title":58,"slug":63},{"title":11,"slug":12},{"title":65,"slug":66}]