Hosted on MSN

Researchers flag Comet browser flaws that could enable hijacks

Security researchers are warning that design flaws in the Comet web browser could let attackers quietly take over user sessions, inject malicious content, and potentially pivot into broader account ...
Digit

Comet AI browser hacked: How attackers breached Perplexity’s AI agent

When Perplexity AI unveiled its Comet browser, it was pitched as the next evolution of web navigation: an agentic browsing tool that could read, summarize, and act on information across the internet ...
Forbes

‘Zero‑Click Google Drive Wiper’ Exploit Mass‑Deletes Files

A polite email asking an AI browser to “organize your Drive” can silently wipe your files. No phishing link or suspicious attachment required. Just a friendly request that turns an automated assistant ...
NextBigFuture

Obscure MCP API in Comet Browser Breaches User Trust, Enabling Full Device Control via AI Browsers

SquareX released critical research exposing a hidden API in Comet that allows extensions in the AI Browser to execute local commands and gain full control over users’ devices. The research reveals ...
SiliconANGLE

SquareX warns hidden API in Perplexity’s Comet browser enables full device takeover

New research out today from browser security company SquareX Ltd. is warning of a hidden application programming interface in Perplexity AI Inc.’s Comet browser that allows extensions in the ...
CSOonline

Hidden API in Comet AI browser raises security red flags for enterprises

SquareX has disclosed a previously undocumented API within the Comet AI browser that allows its embedded extensions to execute arbitrary commands and launch applications — capabilities mainstream ...
Business Wire

Zenity Labs Discloses PleaseFix Vulnerability Family in Perplexity Comet and Other Agentic Browsers

NEW YORK--(BUSINESS WIRE)--Zenity Labs today disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that ...