Perplexity’s Comet AI browser had a major security flaw that put users’ emails, passwords and banking data at risk

Perplexity’s AI-based web browser Comet suffered from a major vulnerability that potentially allowed bad actors to gain access to sensitive user data, such as emails, banking passwords, and other details, through a technique called indirect prompt injection.

Notably, Comet is among a slew of new-age, AI-based browsers that use large language models in order to follow tasks autonomously on a user’s behalf. Using its built-in AI, the browser is capable of completing tasks like summarizing web pages, emails, calendar events, managing tabs, and even answering questions about the content on their screen.