{"id":7375,"date":"2025-10-05T16:43:31","date_gmt":"2025-10-05T16:43:31","guid":{"rendered":"https:\/\/techtrendfeed.com\/?p=7375"},"modified":"2025-10-05T16:43:31","modified_gmt":"2025-10-05T16:43:31","slug":"one-click-on-can-flip-perplexitys-comet-ai-browser-right-into-a-knowledge-thief","status":"publish","type":"post","link":"https:\/\/techtrendfeed.com\/?p=7375","title":{"rendered":"One Click Can Turn Perplexity&#8217;s Comet AI Browser Into a Data Thief"},"content":{"rendered":"<div>\n<p><span class=\"p-author\"><span class=\"author\">Oct 04, 2025<\/span> <span class=\"author\">Ravie Lakshmanan<\/span><\/span> <span class=\"p-tags\">Agentic AI \/ Enterprise Security<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<p>Cybersecurity researchers have disclosed details of a new attack called <strong>CometJacking<\/strong> targeting Perplexity&#8217;s agentic AI browser Comet by embedding malicious prompts within a seemingly innocuous link to siphon sensitive data, 
including from connected services, like email and calendar.<\/p>\n<p>The sneaky <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/layerxsecurity.com\/blog\/cometjacking-how-one-click-can-turn-perplexitys-comet-ai-browser-against-you\/\" rel=\"noopener\" target=\"_blank\">prompt injection attack<\/a> plays out in the form of a malicious link that, when clicked, triggers the unexpected behavior unbeknownst to the victims.<\/p>\n<div class=\"jeg_video_container jeg_video_content\"><iframe loading=\"lazy\" title=\"CometJacking: Stealing Emails from Comet\" width=\"500\" height=\"375\" src=\"https:\/\/www.youtube.com\/embed\/n8vLom-Musc?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/div>\n<p>&#8220;CometJacking shows how a single, weaponized URL can quietly flip an AI browser from a trusted co-pilot to an insider risk,&#8221; Michelle Levy, Head of Security Research at LayerX, said in a statement shared with The Hacker News.<\/p>\n<p>&#8220;This is not just about stealing data; it is about hijacking the agent that already has the keys. Our analysis proves that trivial obfuscation can bypass data exfiltration checks and pull email, calendar, and connector data off-box in a single click. 
AI-native browsers need security-by-design for agent prompts and memory access, not just page content.&#8221;<\/p>\n<p>The attack, in a nutshell, hijacks the AI assistant embedded in the browser to steal data, all while bypassing Perplexity&#8217;s data protections using trivial Base64-encoding tricks. The attack does not include any credential theft component because the browser already has authorized access to Gmail, Calendar, and other connected services.<\/p>\n<p>It takes place over five steps, activating when a victim clicks on a specially crafted URL, either sent in a phishing email or present in a web page. 
Instead of taking the user to the &#8220;intended&#8221; destination, the URL instructs the Comet browser&#8217;s AI to execute a <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/thehackernews.com\/2025\/06\/google-adds-multi-layered-defenses-to.html\" rel=\"noopener\" target=\"_blank\">hidden prompt<\/a> that captures the user&#8217;s data from, say, Gmail, obfuscates it using Base64-encoding, and transmits the information to an endpoint under the attacker&#8217;s control.<\/p>\n<p>The crafted URL is a query string directed at the Comet AI browser, with the malicious instruction added using the &#8220;collection&#8221; parameter of the URL, causing the agent to consult its memory rather than perform a live web search.<\/p>\n<p>While Perplexity has classified the findings as having &#8220;no security impact,&#8221; they once again highlight how AI-native tools introduce new security risks that can get around traditional defenses, allow bad actors to commandeer them to do their bidding, and expose users and 
organizations to potential data theft in the process.<\/p>\n<p>In August 2020, Guardio Labs disclosed an attack technique dubbed <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/thehackernews.com\/2025\/08\/experts-find-ai-browsers-can-be-tricked.html\" rel=\"noopener\" target=\"_blank\">Scamlexity<\/a> wherein browsers like Comet could be tricked by threat actors into interacting with phishing landing pages or counterfeit e-commerce storefronts without the human user&#8217;s knowledge or intervention.<\/p>\n<p>&#8220;AI browsers are the next enterprise battleground,&#8221; Or Eshed, CEO of LayerX, said. &#8220;When an attacker can direct your assistant with a link, the browser becomes a command-and-control point inside the company perimeter. 
Organizations should urgently consider controls that detect and neutralize malicious agent prompts before these PoCs become widespread campaigns.&#8221;<\/p>\n<\/div>\n\n","protected":false},"excerpt":{"rendered":"<p>Oct 04, 2025 Ravie Lakshmanan Agentic AI \/ Enterprise Security Cybersecurity researchers have disclosed details of a new attack called CometJacking targeting Perplexity&#8217;s agentic AI browser Comet by embedding malicious prompts within a seemingly innocuous link to siphon sensitive data, including from connected services, like email and calendar. The sneaky prompt injection [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":7377,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[214,3372,5735,157,5734,5736,2416],"class_list":["post-7375","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-browser","tag-click","tag-comet","tag-data","tag-perplexitys","tag-thief","tag-turn"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/7375","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7375"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/7375\/revisions"}],"predecessor-version":[{"id":7376,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/7375\/revisions\/7376"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tec
htrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/7377"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7375"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7375"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7375"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}