Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors

Comet Browser’s Security Scare: Brave Exposes Risks of AI-Powered Browsing

By / / 5 minutes of reading
Perplexity comet browser launched

📷 Image Source: Official Comet Browser Homepage render, modified by TechMitra. Used for informational purposes under fair use.

Table of Contents

What Security Scare in Perplexity Comet Browser ?

Artificial intelligence is making its way into almost every corner of our digital lives, from search engines and productivity apps to even web browsers. But with innovation comes new risks. Perplexity’s AI-powered web browser, Comet, recently faced a major security vulnerability that highlights just how tricky it is to embed AI assistants directly into browsing.

The flaw was discovered and detailed last week by Brave, another privacy-focused web browser company. Although Perplexity has since patched the issue, the incident raises deeper questions about the safety of AI-driven tools and whether they can be trusted to handle sensitive online tasks.

What Makes Comet Different?

Unlike traditional browsers such as Chrome, Safari, or Firefox, Comet comes with a built-in AI assistant. This assistant can do things like:

  • Scan the web page you’re reading

  • Summarize content for you

  • Perform specific tasks or actions based on instructions

On paper, this sounds incredibly useful. Instead of copying and pasting text into ChatGPT or another chatbot, Comet integrates those capabilities directly into the browsing experience.

But here lies the problem: Comet’s assistant is built on the same foundation as AI chatbots like ChatGPT. While these models are powerful, they’re also vulnerable to a form of exploitation known as prompt injection.

Understanding Prompt Injection

Traditional hacking relies on exploiting software bugs with code. AI hacking, however, can exploit weaknesses in language understanding.

Here’s how prompt injection works:

  • Hidden or manipulated text is placed on a web page.

  • The AI assistant scans the page.

  • Instead of ignoring malicious instructions, the AI mistakenly follows them.

Since AI models lack the ability to “reason” the same way humans do, they may not recognize when they’re being tricked. This is exactly what Brave’s researchers demonstrated.

OpenAI Security & Safety Page

Also Read : OpenAI Unveils New Safety Measures for ChatGPT Users Facing Emotional Distress and Teenagers

How Brave Tested Comet’s Security

Brave’s security team created a test environment to probe Comet’s assistant. They set up a Reddit page with invisible text (hidden from human users but still readable by AI).

When Comet’s assistant was asked to summarize the page, it also processed the hidden text—unintentionally carrying out the malicious instructions embedded there.

According to Brave, the AI was tricked into:

  • Accessing a user’s Perplexity account

  • Extracting the associated email address

  • Attempting to navigate into a Gmail account

In effect, Comet’s assistant acted as if it were the user, bypassing normal security checks. This is deeply concerning because it shows that AI agents can be manipulated into behaving like automated hackers without needing advanced coding techniques.

Why This Is Dangerous

While Brave’s test was controlled, the implications are severe. If malicious actors exploit such vulnerabilities, they could potentially gain access to:

  • Bank accounts

  • Corporate systems

  • Private emails

  • Social media accounts

This kind of AI-enabled exploitation doesn’t require traditional hacking expertise. A cleverly worded invisible prompt could trick the AI into doing the heavy lifting.

Brave’s Recommendations for Safer AI Browsers

In their blog post, Brave’s senior mobile security engineer, Artem Chaikin, and VP of privacy and security, Shivan Kaul Sahib, suggested key fixes: 

  1. Treat all page content as untrusted.
    AI browsers should not blindly follow instructions embedded within web pages.

  2. Validate user intent.
    AI models should double-check whether their actions align with what the user actually requested.

  3. Confirm actions with the user.
    Before carrying out sensitive operations, the assistant should explicitly ask for permission.

  4. Restrict “agentic browsing” mode.
    Browsers should only allow AI to act independently when the user specifically enables it.

These safeguards, if implemented, could prevent AI from unintentionally exposing personal or sensitive information.

Brave’s Official Blog Post (Primary source of the security findings) 

AI Assistants in Browsers: A Growing Trend

Brave’s warning isn’t just about Comet. In fact, Brave itself has an embedded AI assistant called Leo, and other companies are racing to add similar features. Google, Microsoft, and smaller startups are all weaving AI into everyday tools to make them smarter and more helpful.

But this trend comes with an important reality check: AI introduces entirely new categories of vulnerabilities.

Why AI Security Is Harder

In the past, hackers needed to be skilled coders to break into systems. With AI, the rules have changed:

  • Language is the new attack surface. A malicious sentence can sometimes bypass protections just as effectively as malicious code.

  • Shared AI models spread risk. Many companies use the same underlying AI systems from providers like OpenAI, Google, or Meta. If those systems have vulnerabilities, the risks cascade downstream.

  • Limited transparency. AI companies often keep security issues quiet to avoid tipping off hackers—making it difficult for users and businesses to fully understand the risks.

This makes protecting AI systems both more urgent and more complicated than traditional cybersecurity.

What This Means for Everyday Users

For now, Comet users don’t need to panic—Perplexity has already fixed the vulnerability Brave exposed. Still, the incident is a reminder for anyone using AI-enhanced tools to:

  • Be cautious when granting AI assistants access to accounts or sensitive data.

  • Avoid enabling automated browsing modes unless absolutely necessary.

  • Keep up with updates from browser companies on new security fixes.

Final Thoughts

The Comet vulnerability underscores a broader issue: AI assistants are incredibly powerful, but also uniquely fragile. They can be tricked in ways that traditional software never could, simply because they process and act on natural language.

As more browsers and apps race to embed AI, security must evolve just as quickly. Otherwise, the convenience of AI-powered browsing could open the door to risks far greater than slow-loading websites or annoying pop-ups.

For now, Brave’s spotlight on Comet should serve as a wake-up call for the entire tech industry: if AI is going to be our digital co-pilot, it needs to be trained not just to help—but also to protect.

Disclaimer: The information in this article is based on details first reported by official sources and publicly available news, including Google News. We have adapted and rewritten the content for clarity, SEO optimization, and reader experience. All trademarks and images belong to their respective owners.

This article is based on information published by Brave in its official blog. Perplexity has already fixed the reported issue. The purpose of this post is to inform readers about AI security challenges, not to make independent claims.

Oh hi there
It’s nice to meet you.

Sign up to receive awesome Tech News in your inbox, every week.

We don’t spam! Read our privacy policy for more info.

After Entering Email Please check your Inbox for Confirmation, Thanks

Trending

Oh hi there
It’s nice to meet you.

Sign up to receive awesome Tech News in your inbox, every week.

We don’t spam! Read our privacy policy for more info.

After Entering Email Please check your Inbox for Confirmation, Thanks

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top