Brief

Researchers discovered a significant prompt injection vulnerability in the Perplexity Comet browser, allowing attackers to execute malicious instructions by hiding them within invisible elements on web pages. This indirect prompt injection attack, which requires no user interaction beyond asking the AI to summarize content, can lead to sensitive data exfiltration, including email addresses and one-time passwords. While Perplexity has issued fixes, the underlying architectural issue of AI models not distinguishing between content and instructions remains a broader concern for AI-enhanced applications processing external data. AI

Perplexity has open-sourced Bumblebee, a new tool designed to scan developer endpoints for potential supply-chain attack vectors. This read-only scanner inventories installed packages, AI agent configurations, and editor/browser extensions on macOS and Linux systems. Bumblebee aims to fill a gap left by existing security tools by directly inspecting local developer machine states, which are increasingly targeted by attackers. AI

Researchers have developed CoMET, a novel method for multimodal classification that leverages frozen pre-trained backbones and Tabular Foundation Models (TFMs). This approach uses Principal Component Analysis (PCA) to compress modality embeddings before feeding them into a TFM, eliminating the need for fine-tuning. For improved representation quality, especially when CLS tokens are misaligned, they propose PALPooling, an adaptive token pooler. CoMET achieves state-of-the-art results on various multimodal benchmarks and can handle large-scale datasets with over 500,000 samples and 2,000 classes without any training. AI