Courageous printed particulars a couple of safety challenge with Comet, Perplexity’s AI browser, that allows an attacker to inject a immediate into the browser and achieve entry to information in different open browser tabs.
Comet AI Browser Vulnerability
Courageous described a vulnerability that may be activated when a person asks the Comet AI browser to summarize an online web page. The LLM will learn the net web page, together with any embedded prompts that command the LLM to take motion on any open tabs
In keeping with Courageous:
“The vulnerability we’re discussing on this publish lies in how Comet processes webpage content material: when customers ask it to “Summarize this webpage,” Comet feeds part of the webpage on to its LLM with out distinguishing between the person’s directions and untrusted content material from the webpage. This permits attackers to embed oblique immediate injection payloads that the AI will execute as instructions. For example, an attacker might achieve entry to a person’s emails from a ready piece of textual content in a web page in one other tab.”
A publish on Simon Willison’s Weblog shared that Perplexity tried to patch the vulnerability however the repair doesn’t work.
A developer posted the next on X:
“Why is nobody speaking about this?
That is why I don’t use an AI browser
You’ll be able to actually get immediate injected and your checking account drained by doomscrolling on reddit:”
Issues aren’t trying good for Comet Browser at the moment.
