Comet Browser by Perplexity Falls Prey to Security Vulnerability: Indirect Prompt Injection Attacks Highlight AI Challenges
2025-08-21 / Read about 0 minute
Author:小编   

Recently, Comet, an AI-driven browser, was exposed to a critical security vulnerability. This flaw could enable the processing of unauthenticated inputs, particularly when requesting summaries of webpage content, potentially executing malicious code and thereby enabling indirect prompt injection attacks. The security team of a rival browser discovered the vulnerability and promptly reported it to Comet's parent company, Perplexity. Researchers have emphasized that AI systems often struggle to distinguish between legitimate user instructions and untrustworthy content, posing significant security risks. Comparable issues have been noted in other AI-powered products as well. To date, Perplexity has not yet released a statement concerning the patch for this vulnerability.