Perplexity’s newly launched AI browser, Comet, has come under scrutiny after security researchers at Brave identified a serious prompt injection vulnerability. The flaw allows attackers to embed hidden instructions within webpage content, tricking Comet’s AI agent into executing malicious commands.
Researchers warned that attackers could exploit the issue to access sensitive user data such as emails, banking passwords, and authentication details. Unlike traditional exploits, the vulnerability arises from how Comet processes both user instructions and untrusted webpage content when performing tasks like summarisation.
While Perplexity acknowledged the flaw and claimed to have issued a fix, Brave said its further testing showed the vulnerability persisted. The risk highlights broader security concerns with AI-centric browsers, which often require deep integration with logged-in sessions to function effectively.
Experts recommend stricter separation between user commands and webpage content, along with mandatory user confirmation for sensitive actions, to ensure safer AI-powered browsing.
Leslie Rajan 
Nithin Rosh