Courageous printed particulars a couple of safety difficulty with Comet, Perplexity’s AI browser, that permits an attacker to inject a immediate into the browser and acquire entry to information in different open browser tabs.
Comet AI Browser Vulnerability
Courageous described a vulnerability that may be activated when a person asks the Comet AI browser to summarize an internet web page. The LLM will learn the net web page, together with any embedded prompts that command the LLM to take motion on any open tabs
In accordance to Courageous:
“The vulnerability we’re discussing on this publish lies in how Comet processes webpage content material: when customers ask it to “Summarize this webpage,” Comet feeds part of the webpage on to its LLM with out distinguishing between the person’s directions and untrusted content material from the webpage. This permits attackers to embed oblique immediate injection payloads that the AI will execute as instructions. For example, an attacker may acquire entry to a person’s emails from a ready piece of textual content in a web page in one other tab.”
A publish on Simon Willison’s Weblog shared that Perplexity tried to patch the vulnerability however the repair doesn’t work.
A developer posted the next on X:
“Why is nobody speaking about this?
That is why I don’t use an AI browser
You possibly can actually get immediate injected and your checking account drained by doomscrolling on reddit:”
Issues aren’t trying good for Comet Browser right now.
