General
Wednesday, 3 June 2026
A new report from Brave has raised serious security concerns about Perplexity’s AI-powered Comet browser. According to Brave’s research, Comet — and possibly other AI browsers — could be vulnerable to prompt injection attacks, where hackers embed hidden instructions into websites to secretly control the browser’s AI assistant.In the study, Brave’s Senior Mobile Security Engineer, Artem Chaikin, demonstrated how malicious text hidden within a webpage could be interpreted by Comet’s AI through screenshots or direct page visits. Once triggered, the AI could unknowingly follow harmful commands — such as accessing personal Gmail data or sending sensitive information to attackers.
One test showed that when a user took a screenshot of a webpage containing invisible commands (like zero-font or background-colored text), Comet’s text recognition automatically read those hidden prompts and executed them — without the user’s knowledge.In a more advanced demonstration, malicious visible instructions were placed on a webpage in a way most users wouldn’t notice — for example, within chatbot suggestion boxes. When users asked Comet’s AI to open that site, the hidden commands were activated, redirecting the browser and even making it follow social media accounts automatically.
Brave’s report warns that AI browsers with built-in assistant tools could be at high risk, especially if they store passwords or payment information. These vulnerabilities could allow hackers to perform dangerous cross-domain actions — such as accessing bank accounts, corporate systems, or healthcare sites — simply through hidden natural-language commands.Brave says it reported this vulnerability to Perplexity on October 1, followed by a public disclosure on October 2. There’s no word yet on whether OpenAI’s ChatGPT Atlas or similar AI browsers are also affected.
Comments (0)
No comments yet
Be the first to comment!