Brave has identified a critical vulnerability in Perplexity’s Comet AI browser, stemming from what it calls "indirect prompt injections." This flaw allows attackers to embed malicious commands within webpages, which Comet’s AI assistant mistakenly interprets as user instructions during content analysis.
In testing, Brave demonstrated how this vulnerability can be exploited to force Comet to read and send confidential data, including email addresses and one-time passwords, to attackers.
Although Perplexity has released updates to address the issue, Brave reports that the problem remains unresolved, raising concerns about the security of AI-driven browsing tools.
