A new ‘CometJacking’ attack exploits URL parameters to inject malicious prompts into Perplexity’s Comet AI browser, leading to potential data theft from connected services. Despite security concerns raised by researchers, the AI company has not acknowledged the risks, highlighting ongoing vulnerabilities. #CometJacking #PromptInjection
Keypoints
- CometJacking leverages URL parameter manipulation to execute prompt-injection attacks on the Comet AI browser.
- The attack can exfiltrate sensitive data such as emails and calendar invites by encoding instructions and evading safeguards.
- LayerX researchers demonstrated how to include malicious commands that force the AI to share data externally or perform actions.
- Perplexity dismissed the security risks, labeling the issue as “not applicable” despite evidence of data exfiltration.
- The vulnerability exposes flaws in AI browser security, requiring better safeguards against prompt-injection threats.