Researchers discovered a significant prompt injection vulnerability in the Perplexity Comet browser, allowing attackers to execute malicious instructions by hiding them within invisible elements on web pages. This indirect prompt injection attack, which requires no user interaction beyond asking the AI to summarize content, can lead to sensitive data exfiltration, including email addresses and one-time passwords. While Perplexity has issued fixes, the underlying architectural issue of AI models not distinguishing between content and instructions remains a broader concern for AI-enhanced applications processing external data. AI
Summary written by gemini-2.5-flash-lite from 1 sources. How we write summaries →
IMPACT Highlights critical security risks in AI browsers and applications that process external content, necessitating robust defenses against prompt injection.
RANK_REASON The cluster details a security vulnerability in a specific AI-powered product, Perplexity Comet, and the subsequent disclosure and patching efforts.
