Brave and Guardio have revealed serious vulnerabilities in the Comet AI browser that Perplexity released in July. Perplexity said that Comet “transforms how businesses interact with the internet” by “combining enterprise-grade security, powerful AI capabilities, and intuitive user experiences.” That alone should have been enough to make users wary about the browser’s security. Highlighting “enterprise-grade security” is like bragging about “military-grade encryption” in that it’s a red flag, not a green one. It didn’t take long to prove those suspicions correct. “When users ask [Comet] to ‘Summarize this webpage,’ Comet feeds a part of the webpage directly to its LLM without distinguishing between the user’s instructions and untrusted content from the webpage,” Brave said a month after the browser’s debut.

Full report : Perplexity’s AI-powered Comet browser leaves users vulnerable to phishing scams and malicious code injection.