AI in practice
Maximilian Schreiner

Brave discovers a security flaw in Perplexity’s Comet browser

Max is the managing editor of THE DECODER, bringing his background in philosophy to explore questions of consciousness and whether machines truly think or just pretend to.
Profile
E-Mail

Brave discovered a security flaw in Perplexity’s AI browser Comet that allows for so-called indirect prompt injection attacks. In these attacks, malicious commands are hidden in web pages or comments and are then interpreted by the AI assistant as legitimate user instructions when summarizing a page. During testing, Brave showed that Comet could be tricked into reading out sensitive user data, like email addresses and one-time passwords, and sending them to attackers. Perplexity responded by issuing updates, but according to Brave, the issue still isn’t fully resolved. Brave also offers its own AI assistant, Leo, in its browser and faces similar security challenges.

Ad
Ad
Ad
Join our community
Join the DECODER community on Discord, Reddit or Twitter - we can't wait to meet you.
Support our independent, free-access reporting. Any contribution helps and secures our future. Support now:
Bank transfer
Sources
Brave
Max is the managing editor of THE DECODER, bringing his background in philosophy to explore questions of consciousness and whether machines truly think or just pretend to.
Profile
E-Mail
AI in practice

CEO Arison says no single AI model will always meet Grindr’s needs

News, tests and reports about VR, AR and MIXED Reality.
What happens next with MIXED My personal farewell to MIXED Meta and Anduril are now jointly developing XR headsets for the US military MIXED-NEWS.com
AI in practice

xAI has released Grok 2 as an open model with its weights now available for download

AI in practice

Meta licenses Midjourney's "aesthetic technology" to improve visual quality of future models

Google News
Join our community
Join the DECODER community on Discord, Reddit or Twitter - we can't wait to meet you.
Join our community
Join the DECODER community on Discord, Reddit or Twitter - we can't wait to meet you.

Brave discovers a security flaw in Perplexity’s Comet browser

Bank details

IBAN: DE87 1203 0000 1086 0070 75
Account holder: DEEP CONTENT GbR
Purpose: Support THE DECODER
AI and society

Google downplays AI's environmental impact in new study

AI in practice

Deepseek’s first hybrid model V3.1 surpasses its R1 reasoning model on benchmarks

AI and society

Meta's human-like chatbot personas can mislead users and result in real-world harm

Google News